[Secure-testing-commits] r46376 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 21 12:05:55 UTC 2016
Author: carnil
Date: 2016-11-21 12:05:55 +0000 (Mon, 21 Nov 2016)
New Revision: 46376
Modified:
data/CVE/list
Log:
Add three imagemagick issues which need investigation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-21 11:18:28 UTC (rev 46375)
+++ data/CVE/list 2016-11-21 12:05:55 UTC (rev 46376)
@@ -1,3 +1,12 @@
+CVE-2016-XXXX [Check validity of extend during TIFF file reading]
+ - imagemagick <unfixed> (bug #845198)
+ TODO: check
+CVE-2016-XXXX [Check return of write function]
+ - imagemagick <unfixed> (bug #845196)
+ TODO: check
+CVE-2016-XXXX [Imagemagick (jessie and older) buffer overflow]
+ - imagemagick <unfixed> (bug #845195)
+ TODO: check
CVE-2016-9448 [invalid read of size 1 in TIFFFetchNormalTag]
- tiff <not-affected> (Vulnerable code introduced by fix for CVE-2016-9297)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2593
More information about the Secure-testing-commits
mailing list