[Secure-testing-commits] r44814 - in data: CVE DSA

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-09-22 07:00:32 +0000 (Thu, 22 Sep 2016)
New Revision: 44814

Modified:
   data/CVE/list
   data/DSA/list
Log:
Final round of CVE assignments for imagemagick

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-09-22 06:53:31 UTC (rev 44813)
+++ data/CVE/list	2016-09-22 07:00:32 UTC (rev 44814)
@@ -2119,14 +2119,6 @@
 	RESERVED
 CVE-2016-7541
 	RESERVED
-CVE-2016-7540
-	RESERVED
-CVE-2016-7539
-	RESERVED
-CVE-2016-7538
-	RESERVED
-CVE-2016-7537
-	RESERVED
 CVE-2016-7512
 	RESERVED
 CVE-2016-7511
@@ -4848,51 +4840,45 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/130
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453
 	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [out of bound access for corrupted pdb file]
+CVE-2016-7537 [out of bound access for corrupted pdb file]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832791)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: https://bugs.launchpad.net/bugs/1553366
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/143
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [SIGABRT for corrupted pdb file]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7538 [SIGABRT for corrupted pdb file]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832793)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: https://bugs.launchpad.net/bugs/1556273
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/148
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [DOS due to corrupted DDS files]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2015-8959 [DOS due to corrupted DDS files]
 	- imagemagick <unfixed> (bug #832944)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
-	NOTE: https://github.com/ImageMagick/ImageMagick/commit/93ab016764c7f787829d9065440d86f5609765110
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [DOS due to corrupted DDS files]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2014-9907 [DOS due to corrupted DDS files]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #832942)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [potential DOS by not releasing memory]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7539 [potential DOS by not releasing memory]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #833101)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-XXXX [writing to rgf format aborts]
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
+CVE-2016-7540 [writing to rgf format aborts]
 	[experimental] - imagemagick 8:6.9.5.9+dfsg-1
 	- imagemagick <unfixed> (bug #827643)
-	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 	NOTE: https://bugs.launchpad.net/bugs/1594060
 	NOTE: https://github.com/ImageMagick/ImageMagick/pull/223
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/07/1
+	NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
 CVE-2016-6603
 	RESERVED
 CVE-2016-6602

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-09-22 06:53:31 UTC (rev 44813)
+++ data/DSA/list	2016-09-22 07:00:32 UTC (rev 44814)
@@ -62,7 +62,7 @@
 	{CVE-2016-6354}
 	[jessie] - flex 2.5.39-8+deb8u1
 [25 Aug 2016] DSA-3652-1 imagemagick - security update
-	{CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7536}
+	{CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2015-8957 CVE-2015-8958 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7536 CVE-2016-7537 CVE-2015-8959 CVE-2014-9907 CVE-2016-7539 CVE-2016-7540}
 	[jessie] - imagemagick 8:6.8.9.9-5+deb8u4
 [25 Aug 2016] DSA-3651-1 rails - security update
 	{CVE-2016-6316}