[Secure-testing-commits] r46484 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 23 14:33:43 UTC 2016
Author: carnil
Date: 2016-11-23 14:33:43 +0000 (Wed, 23 Nov 2016)
New Revision: 46484
Modified:
data/CVE/list
Log:
Add notes to CVE-2016-8678 and mark as unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-23 14:26:10 UTC (rev 46483)
+++ data/CVE/list 2016-11-23 14:33:43 UTC (rev 46484)
@@ -2493,8 +2493,9 @@
NOTE: https://github.com/libarchive/libarchive/issues/767
CVE-2016-8678 [heap-based buffer overflow in IsPixelMonochrome]
RESERVED
- - imagemagick <unfixed> (bug #845204)
+ - imagemagick <unfixed> (unimportant; bug #845204)
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
+ NOTE: unimportant: Only an issue with a QuantumDepth=64 build, thus not affecting the binary packages
CVE-2016-8677 [memory allocate failure in AcquireQuantumPixels]
RESERVED
- imagemagick 8:6.9.6.2+dfsg-1 (bug #845206)
More information about the Secure-testing-commits
mailing list