[Secure-testing-commits] r54822 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-08-17 20:10:43 +0000 (Thu, 17 Aug 2017)
New Revision: 54822

Modified:
   data/CVE/list
Log:
Update CVE-2017-12429/imagemagick

Note for peer-reviewers, double-check this in particular, since
imagemagick issues are hard to track.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-17 19:44:51 UTC (rev 54821)
+++ data/CVE/list	2017-08-17 20:10:43 UTC (rev 54822)
@@ -1678,10 +1678,12 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/061de02095a56d438409c63f723f340b2d9d36c7
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ded916c5da6febe9660c3cfa44c3114567adf74
 CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
-	- imagemagick <unfixed>
+	- imagemagick 8:6.9.7.4+dfsg-13
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/545
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/30a74ed25a4890acfa94f452d653d54c9628c87e
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ac6c73d39d59a7b0285b3756810272121759a31
+	NOTE: The fix applied for #869727 included the change for upstream issue 545, cf.
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/546#issuecomment-313968413
 CVE-2017-12427 (The ProcessMSLScript function in coders/msl.c in ImageMagick before ...)
 	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870525)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/636