[Secure-testing-commits] r54853 - data/CVE

Fri Aug 18 15:16:50 UTC 2017

Author: carnil
Date: 2017-08-18 15:16:50 +0000 (Fri, 18 Aug 2017)
New Revision: 54853

Modified:
   data/CVE/list
Log:
Add CVE-2017-12937/graphicsmagick

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-08-18 15:15:42 UTC (rev 54852)
+++ data/CVE/list	2017-08-18 15:16:50 UTC (rev 54853)
@@ -3,6 +3,10 @@
 	[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)	
 	[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
+CVE-2017-12937 [heap-based buffer overflow in ReadSUNImage (sun.c)]
+	- graphicsmagick <unfixed>
+	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
+	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
 CVE-2017-12936 [use-after-free in ReadWMFImage (wmf.c)]
 	- graphicsmagick <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/3


