[Secure-testing-commits] r53646 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jul 19 04:41:08 UTC 2017
Author: carnil
Date: 2017-07-19 04:41:08 +0000 (Wed, 19 Jul 2017)
New Revision: 53646
Modified:
data/CVE/list
Log:
Record more imagemagick fixes with last DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-19 04:31:15 UTC (rev 53645)
+++ data/CVE/list 2017-07-19 04:41:08 UTC (rev 53646)
@@ -242,32 +242,40 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8c10b9247509c0484b55330458846115131ec2ae#diff-0a5dc34e461f3c458e758c199f2dc46d
CVE-2017-XXXX [Avoid heap based overflow for jpeg]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867894)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602
CVE-2017-XXXX [memory leak in ReadMATImage in mat.c]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867823)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/525
CVE-2017-XXXX [clear jpeg memory in order to avoid data leak]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867893)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1737ac82b335e53376382c07b9a500d73dd2aa11
CVE-2017-XXXX [CPU exhaustion in ReadOneDJVUImage]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867826)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/528
CVE-2017-XXXX [CPU exhaustion in ReadOneMNGImage]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867825)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/527
CVE-2017-XXXX [CPU exhaustion in ReadOneJNGImage]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867824)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/526
CVE-2017-XXXX [memory exhaustion in ReadEPTImage in ept.c]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867821)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/524
CVE-2017-XXXX [assertion failed in WriteBlob]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867798)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
CVE-2017-XXXX [enable heap overflow check for stdin for mpc files]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867896)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3#diff-cdb21e3ad4d6e304030bd19bdc881fce
NOTE: https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1#diff-cdb21e3ad4d6e304030bd19bdc881fce
@@ -974,12 +982,15 @@
RESERVED
CVE-2017-XXXX [memory exhaustion in ReadDPXImage in dpx.c]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867812)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/523
CVE-2017-XXXX [memory leak in ReadDIBImage in dib.c]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867811)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/522
CVE-2017-XXXX [memory exhaustion in ReadCINImage]
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867810)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/519
CVE-2017-11188 (The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a ...)
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867806)
@@ -5154,7 +5165,7 @@
CVE-2017-9405 (In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows ...)
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864087)
- [jessie] - imagemagick <no-dsa> (Minor issue, wait until more severe issues arise)
+ [jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/457
CVE-2017-9404 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...)
{DLA-984-1 DLA-983-1}
More information about the Secure-testing-commits
mailing list