[Secure-testing-commits] r40719 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 2 13:30:18 UTC 2016
Author: carnil
Date: 2016-04-02 13:30:18 +0000 (Sat, 02 Apr 2016)
New Revision: 40719
Modified:
data/CVE/list
Log:
Add fixes for imagemagick from jessie point release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-02 11:45:19 UTC (rev 40718)
+++ data/CVE/list 2016-04-02 13:30:18 UTC (rev 40719)
@@ -5888,6 +5888,7 @@
NOTE: fawour of the C version.
CVE-2016-XXXX [Multiple minor security issues]
- imagemagick 8:6.8.9.9-7 (bug #811308)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4
CVE-2016-1925 [Improper handling of length parameter inconsitency]
RESERVED
@@ -14076,7 +14077,7 @@
TODO: check
CVE-2015-XXXX [Double free in coders/pict.c:2000]
- imagemagick 8:6.8.9.9-7 (bug #806441)
- [jessie] - imagemagick <no-dsa> (Minor issue)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick 8:6.6.0.4-3+squeeze7
NOTE: workaround entry for DLA-353-1 until/if CVE assigned
@@ -14096,7 +14097,7 @@
NOTE: The problem can only be triggered with recent versions of ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is not vulnerable, older versions are not vulnerable)
CVE-2015-XXXX [Integer and Buffer overflow in coders/icon.c]
- imagemagick 8:6.8.9.9-7 (bug #806441)
- [jessie] - imagemagick <no-dsa> (Minor issue)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick 8:6.6.0.4-3+squeeze7
NOTE: workaround entry for DLA-353-1 until/if CVE assigned
@@ -29752,7 +29753,7 @@
CVE-2015-XXXX [denial of service flaw in VICAR file processing]
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
- [jessie] - imagemagick <no-dsa> (Minor issue)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
@@ -29761,7 +29762,7 @@
CVE-2015-XXXX [denial of service flaw in PDB file processing]
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
- [jessie] - imagemagick <no-dsa> (Minor issue)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
@@ -29770,7 +29771,7 @@
CVE-2015-XXXX [denial of service flaw in MIFF file processing]
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
- [jessie] - imagemagick <no-dsa> (Minor issue)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
@@ -29779,7 +29780,7 @@
CVE-2015-XXXX [denial of service flaw in HDR file processing]
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
- [jessie] - imagemagick <no-dsa> (Minor issue)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick <no-dsa> (Minor issue)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
More information about the Secure-testing-commits
mailing list