[Secure-testing-commits] r54361 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-08-06 15:16:09 +0000 (Sun, 06 Aug 2017)
New Revision: 54361

Modified:
   data/CVE/list
Log:
Add CVE-2017-12587/imagemagick, #870526

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-06 14:05:35 UTC (rev 54360)
+++ data/CVE/list	2017-08-06 15:16:09 UTC (rev 54361)
@@ -1,3 +1,8 @@
+CVE-2017-12587 [avoid unbounded loop in pwp coder]
+	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870526)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/535
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/bb5b16c512977e8134701063e0adb05a4a342add
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d4192df5eb03892089806d52a317cc3101856726
 CVE-2017-12586 (SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue ...)
 	NOT-FOR-US: SLiMS 8 Akasia
 CVE-2017-12585 (SLiMS 8 Akasia through 8.3.1 has SQL injection in ...)