[Secure-testing-commits] r44812 - in data: CVE DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Sep 22 06:42:47 UTC 2016
Author: carnil
Date: 2016-09-22 06:42:47 +0000 (Thu, 22 Sep 2016)
New Revision: 44812
Modified:
data/CVE/list
data/DSA/list
Log:
Anothr round of imagemagick CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-22 06:32:04 UTC (rev 44811)
+++ data/CVE/list 2016-09-22 06:42:47 UTC (rev 44812)
@@ -2145,22 +2145,6 @@
RESERVED
CVE-2016-7528
RESERVED
-CVE-2016-7527
- RESERVED
-CVE-2016-7526
- RESERVED
-CVE-2016-7525
- RESERVED
-CVE-2016-7524
- RESERVED
-CVE-2016-7523
- RESERVED
-CVE-2016-7522
- RESERVED
-CVE-2016-7521
- RESERVED
-CVE-2016-7520
- RESERVED
CVE-2016-7512
RESERVED
CVE-2016-7511
@@ -4763,58 +4747,58 @@
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [heap overflow in hdr file handling]
+CVE-2016-7520 [heap overflow in hdr file handling]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832469)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537213
NOTE: https://github.com/ImageMagick/ImageMagick/issues/90
NOTE: https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [heap buffer overflow in psd file handling]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7521 [heap buffer overflow in psd file handling]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832474)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537418
NOTE: https://github.com/ImageMagick/ImageMagick/issues/92
NOTE: https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bound access for malformed psd file]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7522 [out of bound access for malformed psd file]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832475)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537419
NOTE: https://github.com/ImageMagick/ImageMagick/issues/93
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [meta file out of bound access]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7523 [meta file out of bound access]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832478)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537420
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/94
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7524
+ [experimental] - imagemagick 8:6.9.5.9+dfsg-1
+ - imagemagick <unfixed> (bug #832478)
+ NOTE: https://bugs.launchpad.net/bugs/1537422
NOTE: https://github.com/ImageMagick/ImageMagick/issues/96
- NOTE: https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6
- NOTE: https://github.com/ImageMagick/ImageMagick/commit/5a34d7ac889bd6645f6cfd164636e3efb56dbb2f
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [heap buffer overflow in psd file coder]
+CVE-2016-7525 [heap buffer overflow in psd file coder]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832480)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1537424
NOTE: https://github.com/ImageMagick/ImageMagick/issues/98
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bound access in wpg file coder]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7526 [out of bound access in wpg file coder]
- imagemagick <unfixed> (bug #832482)
- [jessie] - imagemagick 8:6.8.9.9-5+deb8u4
NOTE: https://bugs.launchpad.net/bugs/1539050
- NOTE: https://bugs.launchpad.net/bugs/1542115
NOTE: https://github.com/ImageMagick/ImageMagick/issues/102
- NOTE: https://github.com/ImageMagick/ImageMagick/issues/122
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7527
+ - imagemagick <unfixed> (bug #832482)
+ NOTE: https://bugs.launchpad.net/bugs/1542115
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/122
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
CVE-2016-XXXX [out of bound access for viff file coder]
[experimental] - imagemagick 8:6.9.5.9+dfsg-1
- imagemagick <unfixed> (bug #832483)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2016-09-22 06:32:04 UTC (rev 44811)
+++ data/DSA/list 2016-09-22 06:42:47 UTC (rev 44812)
@@ -62,7 +62,7 @@
{CVE-2016-6354}
[jessie] - flex 2.5.39-8+deb8u1
[25 Aug 2016] DSA-3652-1 imagemagick - security update
- {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519}
+ {CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527}
[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
[25 Aug 2016] DSA-3651-1 rails - security update
{CVE-2016-6316}
More information about the Secure-testing-commits
mailing list