[Secure-testing-commits] r56687 - data/CVE

Salvatore Bonaccorso Sat, 14 Oct 2017 02:49:04 -0700

Author: carnil
Date: 2017-10-14 09:48:12 +0000 (Sat, 14 Oct 2017)
New Revision: 56687


Modified:
   data/CVE/list
Log:
Mark CVE-2017-14137/imagemagick as unimportant

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-14 09:27:28 UTC (rev 56686)
+++ data/CVE/list       2017-10-14 09:48:12 UTC (rev 56687)
@@ -3284,11 +3284,12 @@
        - imagemagick <unfixed> (unimportant)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/639
 CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an 
issue ...)
-       - imagemagick <unfixed> (low)
+       - imagemagick <unfixed> (unimportant)
        [wheezy] - imagemagick <not-affected> (Vulnerable code not present)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/641
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/cb63560ba25e4a6c51ab282538c24877fff7d471
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/cfc2bd4c87481d4cf60308cc6ffd3c61288ff004
+       NOTE: ImageMagick in Debian not compiled with webp support 
(--with-webp=yes)
 CVE-2017-14136 (OpenCV (Open Source Computer Vision Library) 3.3 has an 
out-of-bounds ...)
        {DLA-1117-1}
        - opencv <unfixed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56687 - data/CVE

Reply via email to