[Secure-testing-commits] r55041 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Aug 24 19:28:31 UTC 2017


Author: carnil
Date: 2017-08-24 19:28:31 +0000 (Thu, 24 Aug 2017)
New Revision: 55041

Modified:
   data/CVE/list
Log:
Update information for CVE-2017-12983 and add bug reference

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-24 19:01:34 UTC (rev 55040)
+++ data/CVE/list	2017-08-24 19:28:31 UTC (rev 55041)
@@ -1388,8 +1388,10 @@
 CVE-2017-12984 (PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, ...)
 	NOT-FOR-US: PHPMyWind
 CVE-2017-12983 (Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c ...)
-	- imagemagick <unfixed>
+	- imagemagick <unfixed> (bug #873134)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/682
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d4145e664aea3752ca6d3bf1ee825352b595dab5
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/26078285f49c361ad8ddc8e14bd1d4aab7ed5682
 CVE-2017-12981 (NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via ...)
 	NOT-FOR-US: NexusPHP
 CVE-2017-12980 (DokuWiki through 2017-02-19c has stored XSS when rendering a malicious ...)




More information about the Secure-testing-commits mailing list