[Secure-testing-commits] r55294 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 31 09:13:18 UTC 2017
Author: carnil
Date: 2017-08-31 09:13:18 +0000 (Thu, 31 Aug 2017)
New Revision: 55294
Modified:
data/CVE/list
Log:
CVE-2017-14042/graphicsmagick assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-31 09:10:16 UTC (rev 55293)
+++ data/CVE/list 2017-08-31 09:13:18 UTC (rev 55294)
@@ -14,8 +14,6 @@
RESERVED
CVE-2017-14043
RESERVED
-CVE-2017-14042 (A memory allocation failure was discovered in the ReadPNMImage function ...)
- TODO: check
CVE-2017-14038 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect ...)
TODO: check
CVE-2017-14037 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header ...)
@@ -838,9 +836,10 @@
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/992
-CVE-2017-XXXX [memory allocation failure in MagickRealloc]
+CVE-2017-14042 [memory allocation failure in MagickRealloc]
- graphicsmagick <unfixed> (unimportant; bug #873538)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/3bbf7a13643d
+ NOTE: https://blogs.gentoo.org/ago/2017/08/28/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/441/
CVE-2017-13710 (The setup_group function in elf.c in the Binary File Descriptor (BFD) ...)
- binutils <unfixed>
More information about the Secure-testing-commits
mailing list