[Secure-testing-commits] r42269 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 2 19:24:26 UTC 2016
Author: carnil
Date: 2016-06-02 19:24:26 +0000 (Thu, 02 Jun 2016)
New Revision: 42269
Modified:
data/CVE/list
Log:
Add CVE-2015-889{7,8}/imagemagick
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-02 19:22:06 UTC (rev 42268)
+++ data/CVE/list 2016-06-02 19:24:26 UTC (rev 42269)
@@ -330,6 +330,16 @@
RESERVED
CVE-2016-5127
RESERVED
+CVE-2015-8898 [Prevent null pointer access in magick/constitute.c]
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/pull/34
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44
+ TODO: check versions
+CVE-2015-8897 [Out of bounds error in SpliceImage]
+ - imagemagick <unfixed>
+ NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231
+ TODO: check versions
CVE-2015-8896 [integer truncation issue]
- imagemagick 8:6.8.9.9-7 (bug #806441)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
More information about the Secure-testing-commits
mailing list