Author: carnil
Date: 2017-10-11 09:17:30 +0000 (Wed, 11 Oct 2017)
New Revision: 56599
Modified:
data/CVE/list
Log:
Add two imagemagick issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-11 09:14:53 UTC (rev 56598)
+++ data/CVE/list 2017-10-11 09:17:30 UTC (rev 56599)
@@ -100,9 +100,15 @@
CVE-2017-15219 (The dotCMS 4.1.1 application is vulnerable to Stored
Cross-Site ...)
TODO: check
CVE-2017-15218 (ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in
...)
- TODO: check
+ - imagemagick <unfixed> (unimportant)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/760
+ NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/698c09d05a749664288281012f319cd51da664ee
+ NOTE:
https://github.com/ImageMagick/ImageMagick/commit/6387479aa974709d5c329c8efbde38175f386844
CVE-2017-15217 (ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in
coders/sgi.c. ...)
- TODO: check
+ - imagemagick <unfixed> (unimportant)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/759
+ NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/9bad9cd6752bf8dc5825f555fd1117855bd2fc47
+ NOTE:
https://github.com/ImageMagick/ImageMagick/commit/8fa3c10977f668c92688272a4802f4477df61076
CVE-2016-10514 (url_check_format in include/functions.inc.php in Piwigo before
2.8.3 ...)
- piwigo <removed>
CVE-2016-10513 (Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a
crafted ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
