Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1c752837 by Ola Lundqvist at 2018-04-09T21:08:12+02:00 The CVE was marked as no-dsa for Debian Security and there is no reason to believe why wheezy should be treated differently. Therefore marking as ignored and removing the package from dla-needed.txt. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1652,6 +1652,7 @@ CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLab - imagemagick <unfixed> (low; bug #894848) [stretch] - imagemagick <ignored> (Minor issue) [jessie] - imagemagick <ignored> (Minor issue) + [wheezy] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1072 NOTE: IM6: https://github.com/ImageMagick/ImageMagick/commit/089fca04e0130549fa15f48ace3f56e30a06049a NOTE: IM7: https://github.com/ImageMagick/ImageMagick/commit/19b96ba61431914e2ac316b72c0789965f2b7c09 @@ -1905,6 +1906,7 @@ CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The MogrifyImageLi - imagemagick <unfixed> (low) [stretch] - imagemagick <ignored> (Minor issue) [jessie] - imagemagick <ignored> (Minor issue) + [wheezy] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/802 NOTE: https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db @@ -2063,6 +2065,7 @@ CVE-2018-8960 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7- - imagemagick 8:6.9.9.39+dfsg-1 (low) [stretch] - imagemagick <ignored> (Minor issue) [jessie] - imagemagick <ignored> (Minor issue) + [wheezy] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1020 NOTE: https://github.com/ImageMagick/ImageMagick/commit/23f6beef78cfe806cabc090a015e73557d60788e NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7c0b29f621ebcce1a35c0e6c1992c9043b3bb1bd @@ -2478,6 +2481,7 @@ CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows - imagemagick 8:6.9.9.39+dfsg-1 (low) [stretch] - imagemagick <ignored> (Minor issue) [jessie] - imagemagick <ignored> (Minor issue) + [wheezy] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6 NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025 ===================================== data/dla-needed.txt ===================================== --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -36,8 +36,6 @@ gcc-4.7 (Roberto C. Sánchez) NOTE: Backport the retpoline support for spectre mitigation. NOTE: Do we want/need it on this gcc version as well? -- -imagemagick --- jruby -- krb5 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7528370d8d96d82ec9f1dadbcf5b49c52d2b64 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7528370d8d96d82ec9f1dadbcf5b49c52d2b64 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits