[Secure-testing-commits] r58894 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-12-24 09:39:15 +0000 (Sun, 24 Dec 2017)
New Revision: 58894

Modified:
   data/CVE/list
Log:
Add CVE-2017-17879

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-24 09:36:39 UTC (rev 58893)
+++ data/CVE/list	2017-12-24 09:39:15 UTC (rev 58894)
@@ -39,7 +39,10 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b5d1edb02c432040e3ff894d0c461bcce6fd2c9
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/663b3b432c202cd2aeda7ea7e82b74cce51ab1cf
 CVE-2017-17879 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/906
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/72b3994a948a8a90dc664f3e7f72464878a31fbf
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e41f18ecccbdd1c38e1382057718e91e8f8d6d80
 CVE-2017-17878 (An issue was discovered in Valve Steam Link build 643. Root passwords ...)
 	TODO: check
 CVE-2017-17877 (An issue was discovered in Valve Steam Link build 643. When the SSH ...)