[Secure-testing-commits] r58454 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 11 09:21:06 UTC 2017
Author: carnil
Date: 2017-12-11 09:21:06 +0000 (Mon, 11 Dec 2017)
New Revision: 58454
Modified:
data/CVE/list
Log:
Add CVE-2017-17504/imagemagick
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-11 09:19:09 UTC (rev 58453)
+++ data/CVE/list 2017-12-11 09:21:06 UTC (rev 58454)
@@ -88,7 +88,11 @@
- hdf5 <unfixed>
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
CVE-2017-17504 (ImageMagick before 7.0.7-12 has a coders/png.c ...)
- TODO: check
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/872
+ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135
+ NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/59c49559e302e06bfba46cb6feb4e39adbe675b6
+ NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/fb89192c4ca1600741af79dd22166a7d91e76924
CVE-2017-17503 (ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a ...)
TODO: check
CVE-2017-17502 (ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a ...)
More information about the Secure-testing-commits
mailing list