[Secure-testing-commits] r53471 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jul 13 21:18:23 UTC 2017 

Author: carnil
Date: 2017-07-13 21:18:23 +0000 (Thu, 13 Jul 2017)
New Revision: 53471

Modified:
   data/CVE/list
Log:
Add bugs for imagemagick issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-13 21:10:15 UTC (rev 53470)
+++ data/CVE/list	2017-07-13 21:18:23 UTC (rev 53471)
@@ -333,7 +333,7 @@
 CVE-2017-11171 (Bad reference counting in the context of accept_ice_connection() in ...)
 	- gnome-session 2.30.0-1
 CVE-2017-11170 (The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a ...)
-	- imagemagick <unfixed> (low)
+	- imagemagick <unfixed> (low; bug #868184)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/472
 CVE-2017-11169
 	RESERVED
@@ -342,7 +342,7 @@
 CVE-2017-11167 (FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by ...)
 	NOT-FOR-US: FineCMS
 CVE-2017-11166 (The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a ...)
-	- imagemagick <unfixed> (low)
+	- imagemagick <unfixed> (low; bug #868184)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/471
 CVE-2017-11165 (dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: dataTaker
@@ -561,7 +561,7 @@
 CVE-2017-1000001 (FedMsg 0.18.1 and older is vulnerable to a message validation flaw ...)
 	TODO: check
 CVE-2017-11141 (The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a ...)
-	- imagemagick <unfixed> (low)
+	- imagemagick <unfixed> (low; bug #868184)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/469
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/353b942bd83da7e1356ba99c942848bd1871ee9f
 CVE-2017-11140 (The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 ...)
@@ -635,7 +635,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30
 CVE-2017-11188 (The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a ...)
-	- imagemagick <unfixed> (bug #867806)
+	- imagemagick <unfixed> (bug #867806; bug #868184)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/509
 CVE-2017-11113 (In ncurses 6.0, there is a NULL Pointer Dereference in the ...)
 	- ncurses 6.0+20170701-1

More information about the Secure-testing-commits mailing list