[Secure-testing-commits] r3376 - data/DSA

[Florian Weimer]

Author: fw
Date: 2006-01-26 19:17:19 +0000 (Thu, 26 Jan 2006)
New Revision: 3376

Modified:
   data/DSA/list
Log:
DSA-957-1: imagemagick shell injection


Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-01-26 17:05:57 UTC (rev 3375)
+++ data/DSA/list	2006-01-26 19:17:19 UTC (rev 3376)
@@ -1,3 +1,8 @@
+[26 Jan 2006] DSA-957-1 imagemagick - missing shell meta sanitising
+        {CVE-2005-4601}
+        [woody] - imagemagick 4:5.4.4.5-1woody7
+        [sarge] - imagemagick 6:6.0.6.2-2.5
+	NOTE: fixed in testing at time of DSA 
 [26 Jan 2006] DSA-956-1 lsh-server - filedescriptor leak
         {CVE-2006-0353}
         [sarge] - lsh-utils 2.0.1-3sarge1