[Secure-testing-commits] r41932 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat May 21 21:10:12 UTC 2016 

Author: sectracker
Date: 2016-05-21 21:10:12 +0000 (Sat, 21 May 2016)
New Revision: 41932

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-21 18:08:56 UTC (rev 41931)
+++ data/CVE/list	2016-05-21 21:10:12 UTC (rev 41932)
@@ -2171,7 +2171,7 @@
 	[jessie] - wireshark <not-affected> (vulnerable code not present)
 	[wheezy] - wireshark <not-affected> (vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2016-21.html
-        NOTE: Upstream lists 1.12.x affected, I have contacted them for clarification
+	NOTE: Upstream lists 1.12.x affected, I have contacted them for clarification
 CVE-2016-4077 (epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on ...)
 	- wireshark 2.0.3+geed34f0-1 (low)
 	[jessie] - wireshark <not-affected> (Only affects 2.x)
@@ -3246,27 +3246,27 @@
 CVE-2016-3719
 	REJECTED
 CVE-2016-3718 (The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x ...)
-	{DSA-3580-1}
+	{DSA-3580-1 DLA-484-1}
 	- imagemagick <unfixed>
 	- graphicsmagick <unfixed>
 	NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
 CVE-2016-3717 (The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...)
-	{DSA-3580-1}
+	{DSA-3580-1 DLA-484-1}
 	- imagemagick <unfixed>
 	- graphicsmagick <unfixed>
 	NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
 CVE-2016-3716 (The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...)
-	{DSA-3580-1}
+	{DSA-3580-1 DLA-484-1}
 	- imagemagick <unfixed>
 	- graphicsmagick <unfixed>
 	NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
 CVE-2016-3715 (The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before ...)
-	{DSA-3580-1}
+	{DSA-3580-1 DLA-484-1}
 	- imagemagick <unfixed>
 	- graphicsmagick <unfixed>
 	NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
 CVE-2016-3714 (The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, ...)
-	{DSA-3580-1}
+	{DSA-3580-1 DLA-484-1}
 	- imagemagick <unfixed>
 	NOTE: Workaround: https://bugzilla.redhat.com/show_bug.cgi?id=1332492#c3
 	NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
@@ -7357,11 +7357,13 @@
 	NOT-FOR-US: Huawei
 CVE-2016-2318
 	RESERVED
+	{DLA-484-1}
 	- graphicsmagick <unfixed> (bug #814732)
 	NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/e797bb0aec31
 	TODO: check other versions (newest 1.3.23 is vulnerable according to reporter)
 CVE-2016-2317
 	RESERVED
+	{DLA-484-1}
 	- graphicsmagick <unfixed> (bug #814732)
 	NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/98394eb235a6
 	NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52b59d2ef4a1
@@ -7615,6 +7617,7 @@
 	NOTE: According to upstream fixed in 6.2.0, but not details available
 CVE-2015-8808 [out-of-bound read in the parsing of gif files]
 	RESERVED
+	{DLA-484-1}
 	- graphicsmagick 1.3.21-2
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/1
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e8fa353f53

More information about the Secure-testing-commits mailing list