Author: carnil
Date: 2017-01-20 19:34:12 +0000 (Fri, 20 Jan 2017)
New Revision: 48235
Modified:
data/CVE/list
Log:
Record imagemagick fixes for unstable upload
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-20 19:16:48 UTC (rev 48234)
+++ data/CVE/list 2017-01-20 19:34:12 UTC (rev 48235)
@@ -400,17 +400,17 @@
NOTE: https://github.com/mdadams/jasper/issues/62
CVE-2017-5506 [double free in profile]
RESERVED
- - imagemagick <unfixed> (bug #851383)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851383)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/354
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2017-5507 [memory leak in MPC file handling]
RESERVED
- - imagemagick <unfixed> (bug #851382)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851382)
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/4493d9ca1124564da17f9b628ef9d0f1a6be9738
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2017-5508 [Crash - PushQuantumPixel - Heap-Buffer-Overflow (TIFF)]
RESERVED
- - imagemagick <unfixed> (bug #851381)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851381)
NOTE:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2016-10146 [memory leak in caption and label handling]
@@ -425,27 +425,27 @@
NOTE:
https://github.com/ZoneMinder/ZoneMinder/commit/aa0a4d1f5ad2c493f2bed175991e92c466ac3dc4
CVE-2017-5509 [out of bound in psd file handling]
RESERVED
- - imagemagick <unfixed> (bug #851377)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851377)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/350
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2017-5510 [memory corruption heap overflow, psb file related, another one]
RESERVED
- - imagemagick <unfixed> (bug #851376)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851376)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/348
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2017-5511 [memory corruption heap overflow, psb file related]
RESERVED
- - imagemagick <unfixed> (bug #851374)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851374)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/347
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2016-10144 [ipl file missing malloc check]
RESERVED
- - imagemagick <unfixed> (bug #851485)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851485)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2016-10145 [wpg file off by one]
RESERVED
- - imagemagick <unfixed> (bug #851483)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #851483)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2017-5487
(wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in ...)
@@ -13327,7 +13327,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
CVE-2016-10062 [fwrite issue in ReadGROUP4Image]
RESERVED
- - imagemagick <unfixed> (bug #849439)
+ - imagemagick 8:6.9.7.4+dfsg-1 (bug #849439)
[jessie] - imagemagick <no-dsa> (Minor issue)
[wheezy] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
