[Secure-testing-commits] r54856 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 18 18:58:30 UTC 2017
Author: carnil
Date: 2017-08-18 18:58:30 +0000 (Fri, 18 Aug 2017)
New Revision: 54856
Modified:
data/CVE/list
Log:
Add bug references for graphicsmagick issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-18 18:19:21 UTC (rev 54855)
+++ data/CVE/list 2017-08-18 18:58:30 UTC (rev 54856)
@@ -23,15 +23,15 @@
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
CVE-2017-12937 [heap-based buffer overflow in ReadSUNImage (sun.c)]
- - graphicsmagick <unfixed>
+ - graphicsmagick <unfixed> (bug #872574)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
CVE-2017-12936 [use-after-free in ReadWMFImage (wmf.c)]
- - graphicsmagick <unfixed>
+ - graphicsmagick <unfixed> (bug #872575)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/3
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd
CVE-2017-12935 [invalid memory read in SetImageColorCallBack (image.c)]
- - graphicsmagick <unfixed>
+ - graphicsmagick <unfixed> (bug #872576)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/4
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188
CVE-2017-12934 (ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x ...)
More information about the Secure-testing-commits
mailing list