[Secure-testing-commits] r58742 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 20 21:22:01 UTC 2017
Author: carnil
Date: 2017-12-20 21:22:01 +0000 (Wed, 20 Dec 2017)
New Revision: 58742
Modified:
data/CVE/list
Log:
Add two graphicsmagick issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-20 21:15:49 UTC (rev 58741)
+++ data/CVE/list 2017-12-20 21:22:01 UTC (rev 58742)
@@ -116,9 +116,13 @@
- ruby1.8 <removed>
NOTE: https://github.com/ruby/ruby/pull/1777
CVE-2017-17783 (In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage ...)
- TODO: check
+ - graphicsmagick <unfixed>
+ NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=60932931559a
+ NOTE: https://sourceforge.net/p/graphicsmagick/bugs/529/
CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ...)
- TODO: check
+ - graphicsmagick <unfixed>
+ NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
+ NOTE: https://sourceforge.net/p/graphicsmagick/bugs/530/
CVE-2017-17781 (In Horde Groupware through 5.2.22, SQL Injection exists via the group ...)
TODO: check
CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)
More information about the Secure-testing-commits
mailing list