[Secure-testing-commits] r54856 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Aug 18 18:58:30 UTC 2017


Author: carnil
Date: 2017-08-18 18:58:30 +0000 (Fri, 18 Aug 2017)
New Revision: 54856

Modified:
   data/CVE/list
Log:
Add bug references for graphicsmagick issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-18 18:19:21 UTC (rev 54855)
+++ data/CVE/list	2017-08-18 18:58:30 UTC (rev 54856)
@@ -23,15 +23,15 @@
 	[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
 CVE-2017-12937 [heap-based buffer overflow in ReadSUNImage (sun.c)]
-	- graphicsmagick <unfixed>
+	- graphicsmagick <unfixed> (bug #872574)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
 CVE-2017-12936 [use-after-free in ReadWMFImage (wmf.c)]
-	- graphicsmagick <unfixed>
+	- graphicsmagick <unfixed> (bug #872575)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/3
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd
 CVE-2017-12935 [invalid memory read in SetImageColorCallBack (image.c)]
-	- graphicsmagick <unfixed>
+	- graphicsmagick <unfixed> (bug #872576)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/4
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188
 CVE-2017-12934 (ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x ...)




More information about the Secure-testing-commits mailing list