[Secure-testing-commits] r58975 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 27 22:12:08 UTC 2017
Author: carnil
Date: 2017-12-27 22:12:08 +0000 (Wed, 27 Dec 2017)
New Revision: 58975
Modified:
data/CVE/list
Log:
Add CVE-2017-17912/graphicsmagick
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-27 22:10:20 UTC (rev 58974)
+++ data/CVE/list 2017-12-27 22:12:08 UTC (rev 58975)
@@ -79,7 +79,9 @@
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/
TODO: check, potentially just unimportant like similar issue in imagemagick
CVE-2017-17912 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based ...)
- TODO: check
+ - graphicsmagick <unfixed>
+ NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/0d871e813a4f
+ NOTE: https://sourceforge.net/p/graphicsmagick/bugs/533/
CVE-2017-17911 (packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer ...)
TODO: check
CVE-2017-17910
More information about the Secure-testing-commits
mailing list