[Secure-testing-commits] r58742 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Dec 20 21:22:01 UTC 2017


Author: carnil
Date: 2017-12-20 21:22:01 +0000 (Wed, 20 Dec 2017)
New Revision: 58742

Modified:
   data/CVE/list
Log:
Add two graphicsmagick issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-20 21:15:49 UTC (rev 58741)
+++ data/CVE/list	2017-12-20 21:22:01 UTC (rev 58742)
@@ -116,9 +116,13 @@
 	- ruby1.8 <removed>
 	NOTE: https://github.com/ruby/ruby/pull/1777
 CVE-2017-17783 (In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage ...)
-	TODO: check
+	- graphicsmagick <unfixed>
+	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=60932931559a
+	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/529/
 CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ...)
-	TODO: check
+	- graphicsmagick <unfixed>
+	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
+	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/530/
 CVE-2017-17781 (In Horde Groupware through 5.2.22, SQL Injection exists via the group ...)
 	TODO: check
 CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)




More information about the Secure-testing-commits mailing list