[Secure-testing-commits] r12954 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Oct 7 21:14:20 UTC 2009
Author: joeyh
Date: 2009-10-07 21:14:20 +0000 (Wed, 07 Oct 2009)
New Revision: 12954
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-07 20:49:53 UTC (rev 12953)
+++ data/CVE/list 2009-10-07 21:14:20 UTC (rev 12954)
@@ -5120,7 +5120,7 @@
- linux-2.6.24 <not-affected> (problem was fixed before first upload, 2.6.19)
NOTE: See Solar Designer's posting to oss-security
CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c in ...)
- {DSA-1858-1}
+ {DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.5.1.0-1.1 (medium; bug #530838)
- graphicsmagick 1.3.5-5.1 (medium; bug #530946)
CVE-2009-1881 (Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows ...)
@@ -7231,6 +7231,7 @@
CVE-2008-6622 (SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
CVE-2008-6621 (Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote ...)
+ {DSA-1903-1}
- graphicsmagick 1.2.3-1
CVE-2008-6620 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: GraFX miniCWB
@@ -10434,10 +10435,13 @@
CVE-2008-6073 (StorageCrypt 2.0.1 does not properly encrypt disks, which allows local ...)
NOT-FOR-US: StorageCrypt
CVE-2008-6072 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, ...)
+ {DSA-1903-1}
- graphicsmagick 1.2.3-1
CVE-2008-6071 (Heap-based buffer overflow in the DecodeImage function in ...)
+ {DSA-1903-1}
- graphicsmagick 1.2.3-1
CVE-2008-6070 (Multiple heap-based buffer underflows in the ReadPALMImage function in ...)
+ {DSA-1903-1}
- graphicsmagick 1.2.3-1
CVE-2008-6069 (SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 ...)
NOT-FOR-US: eChat plugin
@@ -18679,6 +18683,7 @@
CVE-2008-3135 (Soldner Secret Wars 33724 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Soldner Secret Wars
CVE-2008-3134 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 ...)
+ {DSA-1903-1}
- graphicsmagick 1.2.4-1 (unimportant; bug #491439)
NOTE: several DoS fixed in 1.2.4 according to upstream
NOTE: http://sourceforge.net/project/shownotes.php?release_id=610253
@@ -23594,7 +23599,7 @@
- graphicsmagick 1.1.7-13
- imagemagick 7:6.2.4.5.dfsg1-1
CVE-2008-1096 (The load_tile function in the XCF coder in coders/xcf.c in (1) ...)
- {DSA-1858-1}
+ {DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.3.7.9.dfsg1-2.1 (medium; bug #414370)
[lenny] - imagemagick 7:6.3.7.9.dfsg1-2.1+lenny1
- graphicsmagick 1.1.11-3.2 (medium; bug #414370)
@@ -31236,18 +31241,18 @@
CVE-2007-4989
REJECTED
CVE-2007-4988 (Sign extension error in the ReadDIBImage function in ImageMagick ...)
- {DSA-1858-1 DTSA-63-1}
+ {DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
CVE-2007-4987 (Off-by-one error in the ReadBlobString function in blob.c in ...)
{DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
CVE-2007-4986 (Multiple integer overflows in ImageMagick before 6.3.5-9 allow ...)
- {DSA-1858-1 DTSA-63-1}
+ {DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
CVE-2007-4985 (ImageMagick before 6.3.5-9 allows context-dependent attackers to cause ...)
- {DSA-1858-1 DTSA-63-1}
+ {DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
CVE-2007-4984 (SQL injection vulnerability in index.php in the Ktauber.com StylesDemo ...)
@@ -38884,7 +38889,7 @@
CVE-2007-1798 (Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows ...)
NOT-FOR-US: IBM AIX
CVE-2007-1797 (Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote ...)
- {DSA-1858-1}
+ {DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.2.4.5.dfsg1-1 (medium)
- graphicsmagick 1.1.7-15 (medium)
CVE-2007-1796 (Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 ...)
@@ -41849,7 +41854,7 @@
- graphicsmagick 1.1.7-12
- imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435)
CVE-2007-1667 (Multiple integer overflows in (1) the XGetPixel function in ImUtil.c ...)
- {DSA-1858-1 DSA-1294-1}
+ {DSA-1903-1 DSA-1858-1 DSA-1294-1}
- xfree86 <removed> (bug #414046; medium)
- libx11 2:1.0.3-7 (bug #414045; medium)
- graphicsmagick 1.1.7-14 (bug #417862; medium)
More information about the Secure-testing-commits
mailing list