Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c752837 by Ola Lundqvist at 2018-04-09T21:08:12+02:00
The CVE was marked as no-dsa for Debian Security and there is no reason to
believe why wheezy should be treated differently. Therefore marking as ignored
and removing the package from dla-needed.txt.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1652,6 +1652,7 @@ CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive
iteration in the DecodeLab
- imagemagick <unfixed> (low; bug #894848)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
+ [wheezy] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1072
NOTE: IM6:
https://github.com/ImageMagick/ImageMagick/commit/089fca04e0130549fa15f48ace3f56e30a06049a
NOTE: IM7:
https://github.com/ImageMagick/ImageMagick/commit/19b96ba61431914e2ac316b72c0789965f2b7c09
@@ -1905,6 +1906,7 @@ CVE-2017-18252 (An issue was discovered in ImageMagick
7.0.7. The MogrifyImageLi
- imagemagick <unfixed> (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
+ [wheezy] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/802
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db
@@ -2063,6 +2065,7 @@ CVE-2018-8960 (The ReadTIFFImage function in
coders/tiff.c in ImageMagick 7.0.7-
- imagemagick 8:6.9.9.39+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
+ [wheezy] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1020
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/23f6beef78cfe806cabc090a015e73557d60788e
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/7c0b29f621ebcce1a35c0e6c1992c9043b3bb1bd
@@ -2478,6 +2481,7 @@ CVE-2018-8804 (WriteEPTImage in coders/ept.c in
ImageMagick 7.0.7-25 Q16 allows
- imagemagick 8:6.9.9.39+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
+ [wheezy] - imagemagick <ignored> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -36,8 +36,6 @@ gcc-4.7 (Roberto C. Sánchez)
NOTE: Backport the retpoline support for spectre mitigation.
NOTE: Do we want/need it on this gcc version as well?
--
-imagemagick
---
jruby
--
krb5
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7528370d8d96d82ec9f1dadbcf5b49c52d2b64
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7528370d8d96d82ec9f1dadbcf5b49c52d2b64
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
