[Secure-testing-commits] r44811 - in data: CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Sep 22 06:32:04 UTC 2016 

Author: carnil
Date: 2016-09-22 06:32:04 +0000 (Thu, 22 Sep 2016)
New Revision: 44811

Modified:
   data/CVE/list
   data/DSA/list
Log:
More imagemagick CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-09-22 06:24:31 UTC (rev 44810)
+++ data/CVE/list	2016-09-22 06:32:04 UTC (rev 44811)
@@ -2161,14 +2161,6 @@
 	RESERVED
 CVE-2016-7520
 	RESERVED
-CVE-2016-7519
-	RESERVED
-CVE-2016-7518
-	RESERVED
-CVE-2016-7517
-	RESERVED
-CVE-2016-7516
-	RESERVED
 CVE-2016-7512
 	RESERVED
 CVE-2016-7511
@@ -4726,45 +4718,51 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
 CVE-2016-7515 [rle file handling for corrupted file]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832461)
 	NOTE: https://bugs.launchpad.net/bugs/1533445
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [buffer overflow in sun file handling]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2015-8957 [buffer overflow in sun file handling]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832464)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [potential DOS in sun file handling due to malformed files]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2015-8958 [potential DOS in sun file handling due to malformed files]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832465)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bunds problem in rle, pict, viff and sun files]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7516 [out of bunds problem in rle, pict, viff and sun files]
 	- imagemagick <unfixed> (bug #832467)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: https://bugs.launchpad.net/bugs/1533452
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/77
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7517
+	- imagemagick <unfixed> (bug #832467)
 	NOTE: https://bugs.launchpad.net/bugs/1533449
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/80
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7518
+	- imagemagick <unfixed> (bug #832467)
 	NOTE: https://bugs.launchpad.net/bugs/1533447
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/81
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7519
+	- imagemagick <unfixed> (bug #832467)
 	NOTE: https://bugs.launchpad.net/bugs/1533445
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
 CVE-2016-XXXX [heap overflow in hdr file handling]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832469)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-09-22 06:24:31 UTC (rev 44810)
+++ data/DSA/list	2016-09-22 06:32:04 UTC (rev 44811)
@@ -62,7 +62,7 @@
 	{CVE-2016-6354}
 	[jessie] - flex 2.5.39-8+deb8u1
 [25 Aug 2016] DSA-3652-1 imagemagick - security update
-	{CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515}
+	{CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519}
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 [25 Aug 2016] DSA-3651-1 rails - security update
 	{CVE-2016-6316}

More information about the Secure-testing-commits mailing list