[Secure-testing-commits] r46590 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Nov 27 06:33:53 UTC 2016 

Author: carnil
Date: 2016-11-27 06:33:53 +0000 (Sun, 27 Nov 2016)
New Revision: 46590

Modified:
   data/CVE/list
Log:
Add note to make clear to which DSA they belong as long no CVEs assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-27 05:15:56 UTC (rev 46589)
+++ data/CVE/list	2016-11-27 06:33:53 UTC (rev 46590)
@@ -630,6 +630,7 @@
 CVE-2016-XXXX [mat file out of bound]
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455
@@ -637,11 +638,13 @@
 CVE-2016-XXXX [Add check for invalid mat file]
 	- imagemagick <unfixed> (bug #845244)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0
 CVE-2016-9559 [null pointer passed as argument 2, which is declared to never be null]
 	RESERVED
 	- imagemagick 8:6.9.6.5+dfsg-1 (bug #845243)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/1c795ce9fe1d6feac8bc36c2e6c5ba7110b671b1
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b (master)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/298
@@ -649,6 +652,7 @@
 	RESERVED
 	- imagemagick 8:6.9.6.5+dfsg-1 (bug #845242)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/301
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/174de08d7c81ce147689f3b1c73fadd6bf1c023c
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99 (master)
@@ -662,24 +666,30 @@
 CVE-2016-XXXX [Suspend exception processing if there are too many exceptions]
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
 CVE-2016-XXXX [Fix out of bound read in viff file handling]
 	- imagemagick <unfixed> (bug #845212)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/129
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545183
 CVE-2016-XXXX [Better check for bufferoverflow for TIFF handling]
 	- imagemagick <unfixed> (bug #845202)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 CVE-2016-XXXX [Check validity of extend during TIFF file reading]
 	- imagemagick <unfixed> (bug #845198)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 CVE-2016-XXXX [Check return of write function]
 	- imagemagick <unfixed> (bug #845196)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 CVE-2016-XXXX [Imagemagick (jessie and older) buffer overflow]
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845195)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410
 CVE-2016-9448 [invalid read of size 1 in TIFFFetchNormalTag]
 	RESERVED
@@ -2926,6 +2936,7 @@
 	RESERVED
 	- imagemagick 8:6.9.6.6+dfsg-1 (bug #845634)
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u6
+	NOTE: Workaround entry for DSA-3726-1 until CVEs assigned
 	NOTE: https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/aea6c6507f55632829e6432f8177a084a57c9fcc
 	NOTE: The initial patch was initiall meant to be incomplete and resulted in CVE-2016-8866. So when fixing

More information about the Secure-testing-commits mailing list