[Secure-testing-commits] r37940 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Fri Nov 27 10:49:03 UTC 2015
Author: hertzog
Date: 2015-11-27 10:49:02 +0000 (Fri, 27 Nov 2015)
New Revision: 37940
Modified:
data/CVE/list
Log:
Investigate and confirm first imagemagick issue in icon parsing code
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-27 10:48:53 UTC (rev 37939)
+++ data/CVE/list 2015-11-27 10:49:02 UTC (rev 37940)
@@ -1799,7 +1799,7 @@
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/07/2
- TODO: check
+ NOTE: The issue is only exploitable on 32 bit architectures.
CVE-2015-XXXX [EncryptedType uses static IV per key]
- python-sqlalchemy-utils <unfixed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/06/7
More information about the Secure-testing-commits
mailing list