[Secure-testing-commits] r42607 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 17 19:33:15 UTC 2016
Author: carnil
Date: 2016-06-17 19:33:15 +0000 (Fri, 17 Jun 2016)
New Revision: 42607
Modified:
data/CVE/list
Log:
Add new imagemagick issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-17 19:26:56 UTC (rev 42606)
+++ data/CVE/list 2016-06-17 19:33:15 UTC (rev 42607)
@@ -1,3 +1,20 @@
+CVE-2016-5691 [lack of validation of pixel.red, pixel.green, and pixel.blue]
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
+CVE-2016-5690 [error in the for statement in the "Compute pixel scaling table" part of the ReadDCMImage function]
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
+CVE-2016-5689 [lack of required NULL pointer checks]
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
+CVE-2016-5688 [issues in WPG parser]
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f
+CVE-2016-5687 [out of bounds memory read]
+ - imagemagick <unfixed>
+ NOTE: https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
+ TODO: check, referenced fix does not seem the one fixing the issue
CVE-2016-5699
- python3.5 <not-affected> (Fixed with initial upload to Debian)
- python3.4 3.4.4~rc1-1
More information about the Secure-testing-commits
mailing list