[Secure-testing-commits] r26131 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Mar 15 14:33:08 UTC 2014


Author: carnil
Date: 2014-03-15 14:33:08 +0000 (Sat, 15 Mar 2014)
New Revision: 26131

Modified:
   data/CVE/list
Log:
Update CVE-2014-2030/imagemagick

CVE assignment is a bit tricky: CVE-2014-2030 for versions of
imagemagick which have already r1448 applied. Squeeze not affected, so
only CVE-2014-1947 for this vulnerability.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-15 12:13:29 UTC (rev 26130)
+++ data/CVE/list	2014-03-15 14:33:08 UTC (rev 26131)
@@ -1280,7 +1280,9 @@
 CVE-2014-2030
 	RESERVED
 	- imagemagick 8:6.7.7.10+dfsg-1 (bug #740250)
+	[squeeze] - imagemagick <not-affected> (CVE only for versions with r1448 applied)
 	NOTE: for the issue in newer imagemagick versions using "L%06ld" string.
+	NOTE: http://trac.imagemagick.org/changeset/1448
 CVE-2014-2029 [remote code execution / information leak]
 	RESERVED
 	- percona-toolkit 2.2.7-1~dfsg1 (bug #740846)




More information about the Secure-testing-commits mailing list