[Secure-testing-commits] r53823 - data/CVE

security tracker role Sun, 23 Jul 2017 02:11:09 -0700

Author: sectracker
Date: 2017-07-23 09:10:15 +0000 (Sun, 23 Jul 2017)
New Revision: 53823


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-07-23 06:24:55 UTC (rev 53822)
+++ data/CVE/list       2017-07-23 09:10:15 UTC (rev 53823)
@@ -1,41 +1,89 @@
-CVE-2017-11540
+CVE-2017-11564
+       RESERVED
+CVE-2017-11563
+       RESERVED
+CVE-2017-11562
+       RESERVED
+CVE-2017-11561
+       RESERVED
+CVE-2017-11560
+       RESERVED
+CVE-2017-11559
+       RESERVED
+CVE-2017-11558
+       RESERVED
+CVE-2017-11557
+       RESERVED
+CVE-2017-11556 (There is a stack consumption vulnerability in the ...)
+       TODO: check
+CVE-2017-11555 (There is an illegal address access in the Eval::operator 
function in ...)
+       TODO: check
+CVE-2017-11554 (There is a stack consumption vulnerability in the lex function 
in ...)
+       TODO: check
+CVE-2017-11553 (There is an illegal address access in the extend_alias_table 
function ...)
+       TODO: check
+CVE-2017-11552
+       RESERVED
+CVE-2017-11551
+       RESERVED
+CVE-2017-11550
+       RESERVED
+CVE-2017-11549
+       RESERVED
+CVE-2017-11548
+       RESERVED
+CVE-2017-11547
+       RESERVED
+CVE-2017-11546
+       RESERVED
+CVE-2017-11545 (tcpdump 4.9.0 has a Segmentation Violation in the 
compressed_sl_print ...)
+       TODO: check
+CVE-2017-11544 (tcpdump 4.9.0 has a Segmentation Violation in the 
compressed_sl_print ...)
+       TODO: check
+CVE-2017-11543 (tcpdump 4.9.0 has a buffer overflow in the sliplink_print 
function in ...)
+       TODO: check
+CVE-2017-11542 (tcpdump 4.9.0 has a heap-based buffer over-read in the 
pimv1_print ...)
+       TODO: check
+CVE-2017-11541 (tcpdump 4.9.0 has a heap-based buffer over-read in the 
lldp_print ...)
+       TODO: check
+CVE-2017-11540 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/581
-CVE-2017-11539
+CVE-2017-11539 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/582
-CVE-2017-11538
+CVE-2017-11538 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/569
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/0a80c9e5f293a8de51011ac784ac52b96932c08f
-CVE-2017-11537
+CVE-2017-11537 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/560
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/2bbc1b96f0d9371df675fdf7b8fc9bd4a42ae9cd
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/bac384563f557d1ac7413d2eaec00dd59c3cc29b
-CVE-2017-11536
+CVE-2017-11536 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/567
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/167e1538ae9818d46c9462a4273082871e35a480
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/dba1ccfbcdf61c0eb599c7c308b42ed46dc92be6
-CVE-2017-11535
+CVE-2017-11535 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/561
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/b8647f11ddfd6f85a6cc39654c7e78c2bc6412e4
        NOTE: Imagemagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/bba95cfcc19fa8a261e12692f31279148ad42441
-CVE-2017-11534
+CVE-2017-11534 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/564
-CVE-2017-11533
+CVE-2017-11533 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/562
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/f0c29cc251578fe0ad8ec7b72f2487a77a1696b8
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/ed1fd69231ab21dc540167c63bc3b0fa3282ec59
-CVE-2017-11532
+CVE-2017-11532 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/563
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/d60d705cddac7fa5d0e6596c183bbb9b46a57161
-CVE-2017-11531
+CVE-2017-11531 (When ImageMagick 7.0.6-1 processes a crafted file in convert, 
it can ...)
        - imagemagick <unfixed>
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/566
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/c81594c6ee93581b97e8f8c743200b1366d83989
@@ -84,12 +132,12 @@
        [jessie] - tor <not-affected> (aa-exec in jessie is located in 
/usr/sbin/)
        [wheezy] - tor <not-affected> (aa-exec in jessie is located in 
/usr/sbin/)
        NOTE: https://twitter.com/pissquark/status/888142796414226432
-CVE-2017-11523 [endless loop in ReadTXTImage]
+CVE-2017-11523 (The ReadTXTImage function in coders/txt.c in ImageMagick 
through ...)
        - imagemagick <unfixed> (bug #869210)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/591
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078
        NOTE: Fixed by (ImageMagick-6): 
https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78
-CVE-2017-11522 [Null-Point reference in WriteOnePNGImage]
+CVE-2017-11522 (The WriteOnePNGImage function in coders/png.c in ImageMagick 
through ...)
        - imagemagick <unfixed> (bug #869209)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/586
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f
@@ -532,24 +580,28 @@
        - tiff3 <removed>
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2715
        NOTE: Fixed by: 
https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
-CVE-2017-11529 [memory leak in ReadMATImage in mat.c]
+CVE-2017-11529 (The ReadMATImage function in coders/mat.c in ImageMagick 
before 6.9.9-0 ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867823)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/525
 CVE-2017-11478 (The ReadOneDJVUImage function in coders/djvu.c in ImageMagick 
through ...)
        {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867826)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/528
-CVE-2017-11526 [CPU exhaustion in ReadOneMNGImage]
+CVE-2017-11526 (The ReadOneMNGImage function in coders/png.c in ImageMagick 
before ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867825)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/527
 CVE-2017-11505 (The ReadOneJNGImage function in coders/png.c in ImageMagick 
through ...)
        {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867824)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/526
-CVE-2017-11530 [memory exhaustion in ReadEPTImage in ept.c]
+CVE-2017-11530 (The ReadEPTImage function in coders/ept.c in ImageMagick 
before 6.9.9-0 ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867821)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/524
-CVE-2017-11524 [assertion failed in WriteBlob]
+CVE-2017-11524 (The WriteBlob function in MagickCore/blob.c in ImageMagick 
before ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867798)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
 CVE-2017-11334 [exec: oob access during dma operation]
@@ -1266,13 +1318,16 @@
        RESERVED
 CVE-2017-11114
        RESERVED
-CVE-2017-11527 [memory exhaustion in ReadDPXImage in dpx.c]
+CVE-2017-11527 (The ReadDPXImage function in coders/dpx.c in ImageMagick 
before 6.9.9-0 ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867812)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/523
-CVE-2017-11528 [memory leak in ReadDIBImage in dib.c]
+CVE-2017-11528 (The ReadDIBImage function in coders/dib.c in ImageMagick 
before 6.9.9-0 ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867811)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/522
-CVE-2017-11525 [memory exhaustion in ReadCINImage]
+CVE-2017-11525 (The ReadCINImage function in coders/cin.c in ImageMagick 
before 6.9.9-0 ...)
+       {DSA-3914-1}
        - imagemagick 8:6.9.7.4+dfsg-12 (bug #867810)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/519
 CVE-2017-11188 (The ReadDPXImage function in coders\dpx.c in ImageMagick 
7.0.6-0 has a ...)
@@ -11955,8 +12010,8 @@
        NOT-FOR-US: Fortinet FortiPortal
 CVE-2017-7337 (An improper Access Control vulnerability in Fortinet 
FortiPortal ...)
        NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7336
-       RESERVED
+CVE-2017-7336 (A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 
and ...)
+       TODO: check
 CVE-2017-7335
        RESERVED
 CVE-2017-7334


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r53823 - data/CVE

Reply via email to