Author: jmm
Date: 2017-07-14 14:01:28 +0000 (Fri, 14 Jul 2017)
New Revision: 53491
Modified:
data/CVE/list
Log:
imagemagick fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-14 13:56:41 UTC (rev 53490)
+++ data/CVE/list 2017-07-14 14:01:28 UTC (rev 53491)
@@ -370,7 +370,7 @@
CVE-2017-11171 (Bad reference counting in the context of
accept_ice_connection() in ...)
- gnome-session 2.30.0-1
CVE-2017-11170 (The ReadTGAImage function in coders\tga.c in ImageMagick
7.0.5-6 has a ...)
- - imagemagick <unfixed> (low; bug #868184)
+ - imagemagick 8:6.9.7.4+dfsg-12 (low; bug #868184)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/472
CVE-2017-11169
RESERVED
@@ -601,7 +601,7 @@
CVE-2017-1000001 (FedMsg 0.18.1 and older is vulnerable to a message
validation flaw ...)
TODO: check
CVE-2017-11141 (The ReadMATImage function in coders\mat.c in ImageMagick
7.0.5-6 has a ...)
- - imagemagick <unfixed> (low; bug #868184)
+ - imagemagick 8:6.9.7.4+dfsg-12 (low; bug #868184)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/469
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/353b942bd83da7e1356ba99c942848bd1871ee9f
CVE-2017-11140 (The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick
1.3.26 ...)
@@ -662,20 +662,20 @@
CVE-2017-11114
RESERVED
CVE-2017-XXXX [memory exhaustion in ReadDPXImage in dpx.c]
- - imagemagick <unfixed> (bug #867812)
+ - imagemagick 8:6.9.7.4+dfsg-12 (bug #867812)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/523
CVE-2017-XXXX [memory leak in ReadDIBImage in dib.c]
- - imagemagick <unfixed> (bug #867811)
+ - imagemagick 8:6.9.7.4+dfsg-12 (bug #867811)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/522
CVE-2017-XXXX [memory exhaustion in ReadCINImage]
- - imagemagick <unfixed> (bug #867810)
+ - imagemagick 8:6.9.7.4+dfsg-12 (bug #867810)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/519
CVE-2017-XXXX [CPU exhaustion in ReadRLEImage]
- - imagemagick <unfixed> (bug #867808)
+ - imagemagick 8:6.9.7.4+dfsg-12 (bug #867808)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30
CVE-2017-11188 (The ReadDPXImage function in coders\dpx.c in ImageMagick
7.0.6-0 has a ...)
- - imagemagick <unfixed> (bug #867806; bug #868184)
+ - imagemagick 8:6.9.7.4+dfsg-12 (bug #867806; bug #868184)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/509
CVE-2017-11113 (In ncurses 6.0, there is a NULL Pointer Dereference in the ...)
- ncurses 6.0+20170701-1
@@ -1191,7 +1191,7 @@
NOTE: https://github.com/radare/radare2/issues/7855
NOTE:
https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85
CVE-2017-10928 (In ImageMagick 7.0.6-0, a heap-based buffer over-read in the
...)
- - imagemagick <unfixed> (bug #867367)
+ - imagemagick 8:6.9.7.4+dfsg-12 (bug #867367)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/539
CVE-2017-10927
RESERVED
@@ -4514,14 +4514,14 @@
- curl <not-affected> (Windows only)
CVE-2017-9501 (In ImageMagick 7.0.5-7 Q16, an assertion failure was found in
the ...)
{DLA-1000-1}
- - imagemagick <unfixed> (low; bug #867721)
+ - imagemagick 8:6.9.7.4+dfsg-12 (low; bug #867721)
[stretch] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
[jessie] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/491
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74
CVE-2017-9500 (In ImageMagick 7.0.5-8 Q16, an assertion failure was found in
the ...)
{DLA-1000-1}
- - imagemagick <unfixed> (low; bug #867778)
+ - imagemagick 8:6.9.7.4+dfsg-12 (low; bug #867778)
[stretch] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
[jessie] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/500
@@ -4682,7 +4682,7 @@
CVE-2017-9441 (** DISPUTED ** Multiple cross-site scripting (XSS)
vulnerabilities in ...)
NOT-FOR-US: BigTree CMS
CVE-2017-9440 (In ImageMagick 7.0.5-5, a memory leak was found in the function
...)
- - imagemagick <unfixed> (low; bug #864273)
+ - imagemagick 8:6.9.7.4+dfsg-12 (low; bug #864273)
[stretch] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
[jessie] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
@@ -4690,7 +4690,7 @@
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/c2be129c25763680afeca59f4de5d6d4240ca2cf
CVE-2017-9439 (In ImageMagick 7.0.5-5, a memory leak was found in the function
...)
{DLA-1000-1}
- - imagemagick <unfixed> (low; bug #864274)
+ - imagemagick 8:6.9.7.4+dfsg-12 (low; bug #864274)
[stretch] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
[jessie] - imagemagick <no-dsa> (Minor issue, wait until more severe
issues arise)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/460
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
