[Secure-testing-commits] r50487 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Apr 9 16:08:58 UTC 2017
Author: carnil
Date: 2017-04-09 16:08:58 +0000 (Sun, 09 Apr 2017)
New Revision: 50487
Modified:
data/CVE/list
Log:
Add one imagemagick issue, #859771
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-09 14:09:38 UTC (rev 50486)
+++ data/CVE/list 2017-04-09 16:08:58 UTC (rev 50487)
@@ -2,6 +2,10 @@
- asterisk <unfixed> (bug #859910)
[wheezy] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-001.html
+CVE-2017-7606 [Undefined behavoir in rle]
+ - imagemagick <unfixed> (bug #859771)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/415
+ NOTE: https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/
CVE-2017-7591 (OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site ...)
NOT-FOR-US: ForgeRock OpenIDM
CVE-2017-7590 (OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site ...)
More information about the Secure-testing-commits
mailing list