[Secure-testing-commits] r54190 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-08-02 09:12:13 +0000 (Wed, 02 Aug 2017)
New Revision: 54190

Modified:
   data/CVE/list
Log:
Add new imagemagick issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-02 09:10:17 UTC (rev 54189)
+++ data/CVE/list	2017-08-02 09:12:13 UTC (rev 54190)
@@ -119,7 +119,10 @@
 CVE-2017-12141 (In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in ...)
 	TODO: check
 CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/533
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c
 CVE-2017-12139 (XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing ...)
 	TODO: check
 CVE-2017-12138 (XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in ...)