[Secure-testing-commits] r37940 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Fri Nov 27 10:49:03 UTC 2015


Author: hertzog
Date: 2015-11-27 10:49:02 +0000 (Fri, 27 Nov 2015)
New Revision: 37940

Modified:
   data/CVE/list
Log:
Investigate and confirm first imagemagick issue in icon parsing code

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-27 10:48:53 UTC (rev 37939)
+++ data/CVE/list	2015-11-27 10:49:02 UTC (rev 37940)
@@ -1799,7 +1799,7 @@
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/07/2
-	TODO: check
+	NOTE: The issue is only exploitable on 32 bit architectures.
 CVE-2015-XXXX [EncryptedType uses static IV per key]
 	- python-sqlalchemy-utils <unfixed>
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/06/7




More information about the Secure-testing-commits mailing list