[Secure-testing-commits] r53631 - in data: . CVE DSA

[Moritz Muehlenhoff]

Author: jmm
Date: 2017-07-18 21:33:09 +0000 (Tue, 18 Jul 2017)
New Revision: 53631

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
imagemagick DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-18 21:10:15 UTC (rev 53630)
+++ data/CVE/list	2017-07-18 21:33:09 UTC (rev 53631)
@@ -5125,6 +5125,7 @@
 	RESERVED
 CVE-2017-9409 (In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows ...)
 	{DLA-1000-1}
+	[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
 	- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864090)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/458
 CVE-2017-9408 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
@@ -5136,6 +5137,7 @@
 	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=b21b041f7948680c03109f0c404400a9dbc4544c
 CVE-2017-9407 (In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows ...)
 	{DLA-1000-1}
+	[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
 	- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864089)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/459
 CVE-2017-9406 (In Poppler 0.54.0, a memory leak vulnerability was found in the ...)
@@ -5698,11 +5700,13 @@
 	NOTE: Controllers shipped in Debian not vulnerable, see #863655
 CVE-2017-9262 (In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c ...)
 	{DLA-1000-1}
+	[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
 	- imagemagick 8:6.9.7.4+dfsg-10 (low; bug #863834)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/475
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4649578df8dcbfb2b08d8623d52486dc124da3a8
 CVE-2017-9261 (In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c ...)
 	{DLA-1000-1}
+	[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
 	- imagemagick 8:6.9.7.4+dfsg-10 (low; bug #863833)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/476
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/01d522e990aa57cbe67d222dd5e8f7196cc6d199

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2017-07-18 21:10:15 UTC (rev 53630)
+++ data/DSA/list	2017-07-18 21:33:09 UTC (rev 53631)
@@ -1,3 +1,7 @@
+[18 Jul 2017] DSA-3914-1 imagemagick - security update
+	{CVE-2017-9439 CVE-2017-9440 CVE-2017-9500 CVE-2017-9501 CVE-2017-10928 CVE-2017-11141 CVE-2017-11170 CVE-2017-11188 CVE-2017-11360}
+	[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
+	[stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u1
 [18 Jul 2017] DSA-3913-1 apache2 - security update
 	{CVE-2017-9788}
 	[jessie] - apache2 2.4.10-10+deb8u10

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2017-07-18 21:10:15 UTC (rev 53630)
+++ data/dsa-needed.txt	2017-07-18 21:33:09 UTC (rev 53631)
@@ -22,8 +22,6 @@
 --
 icedove
 --
-imagemagick (jmm)
---
 ipsec-tools
 --
 libav/oldstable