[Secure-testing-commits] r29736 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 30 07:21:28 UTC 2014
Author: carnil
Date: 2014-10-30 07:21:28 +0000 (Thu, 30 Oct 2014)
New Revision: 29736
Modified:
data/CVE/list
Log:
Update CVEs for imagemagick, not so transparent ...
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-30 05:39:18 UTC (rev 29735)
+++ data/CVE/list 2014-10-30 07:21:28 UTC (rev 29736)
@@ -10,10 +10,12 @@
- imagemagick 8:6.8.9.9-1 (bug #767240)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
[squeeze] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-XXXX [Don't clone a 0x0 image breaking some assumption]
+CVE-2014-8355 [buffer overflow in PCX parser]
- imagemagick 8:6.8.9.9-1 (bug #767240)
-CVE-2014-XXXX [buffer overflow in PCX and DCM coder]
+CVE-2014-XXXX [buffer overflow in DCM parser]
- imagemagick 8:6.8.9.9-1 (bug #767240)
+CVE-2014-8354 [out-of-bounds memory access in resize code]
+ - imagemagick 8:6.8.9.9-1
CVE-2014-XXXX [Remotely DOS: convert +profile regression enters infinite loop exhausting memory]
- imagemagick 8:6.8.9.9-1 (bug #764872)
[wheezy] - imagemagick <not-affected> (Vulnerable code introduced later; regression)
@@ -325,10 +327,6 @@
RESERVED
CVE-2014-8356
RESERVED
-CVE-2014-8355
- RESERVED
-CVE-2014-8354
- RESERVED
CVE-2014-8353
RESERVED
CVE-2014-8352
More information about the Secure-testing-commits
mailing list