[Secure-testing-commits] r47478 - in data: CVE DLA DSA

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-12-27 06:06:20 +0000 (Tue, 27 Dec 2016)
New Revision: 47478

Modified:
   data/CVE/list
   data/DLA/list
   data/DSA/list
Log:
CVE-2016-1007{0,1}/imagemagick assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-27 06:02:54 UTC (rev 47477)
+++ data/CVE/list	2016-12-27 06:06:20 UTC (rev 47478)
@@ -9213,16 +9213,18 @@
 	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
 	- tomcat6 6.0.41-3
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
-CVE-2016-XXXX [mat file out of bound]
+CVE-2016-10071 [mat file out of bound]
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
-	[wheezy] - imagemagick 8:6.7.7.10-5+deb7u10
-	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25
+	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
+CVE-2016-10070 [mat file out of bound]
+	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
+	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455
-	NOTE: https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/20/3
+	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
 CVE-2016-10069 [Add check for invalid mat file]
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845244)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2016-12-27 06:02:54 UTC (rev 47477)
+++ data/DLA/list	2016-12-27 06:06:20 UTC (rev 47478)
@@ -26,7 +26,7 @@
 	{CVE-2016-4412 CVE-2016-6626 CVE-2016-9849 CVE-2016-9850 CVE-2016-9861 CVE-2016-9864 CVE-2016-9865}
 	[wheezy] - phpmyadmin 4:3.4.11.1-2+deb7u7
 [21 Dec 2016] DLA-756-1 imagemagick - security update
-	{CVE-2016-7799 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556 CVE-2016-10059 CVE-2016-10060 CVE-2016-10061 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10066 CVE-2016-10067 CVE-2016-10068 CVE-2016-10069}
+	{CVE-2016-7799 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556 CVE-2016-10059 CVE-2016-10060 CVE-2016-10061 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10066 CVE-2016-10067 CVE-2016-10068 CVE-2016-10069 CVE-2016-10070 CVE-2016-10071}
 	[wheezy] - imagemagick 8:6.7.7.10-5+deb7u10
 [21 Dec 2016] DLA-755-1 dcmtk - security update
 	{CVE-2015-8979}

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-12-27 06:02:54 UTC (rev 47477)
+++ data/DSA/list	2016-12-27 06:06:20 UTC (rev 47478)
@@ -67,7 +67,7 @@
 	{CVE-2016-4330 CVE-2016-4331 CVE-2016-4332 CVE-2016-4333}
 	[jessie] - hdf5 1.8.13+docs-15+deb8u1
 [26 Nov 2016] DSA-3726-1 imagemagick - security update
-	{CVE-2016-7799 CVE-2016-7906 CVE-2016-8677 CVE-2016-8862 CVE-2016-9556 CVE-2016-9559 CVE-2016-10059 CVE-2016-10061 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10066 CVE-2016-10067 CVE-2016-10069}
+	{CVE-2016-7799 CVE-2016-7906 CVE-2016-8677 CVE-2016-8862 CVE-2016-9556 CVE-2016-9559 CVE-2016-10059 CVE-2016-10061 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10066 CVE-2016-10067 CVE-2016-10069 CVE-2016-10070 CVE-2016-10071}
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
 [27 Nov 2016] DSA-3725-1 icu - security update
 	{CVE-2014-9911 CVE-2015-2632 CVE-2015-4844 CVE-2016-0494 CVE-2016-6293 CVE-2016-7415}