[Secure-testing-commits] r54079 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jul 30 16:03:08 UTC 2017 

Author: carnil
Date: 2017-07-30 16:03:08 +0000 (Sun, 30 Jul 2017)
New Revision: 54079

Modified:
   data/CVE/list
Log:
Track individual bugs for graphicsmagick

Do this since we have not evaluated (and per LTS triage it's not given)
if all CVE in the original bug really affect graphicsmagick back to
1.3.20-3. This enables to use proper version tracking in the BTS for the
repsective issues.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-30 15:45:42 UTC (rev 54078)
+++ data/CVE/list	2017-07-30 16:03:08 UTC (rev 54079)
@@ -82,7 +82,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/362
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960
 CVE-2017-11722 (The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
-	- graphicsmagick <unfixed> (bug #870149)
+	- graphicsmagick <unfixed> (bug #870158)
 	[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f423ba88ca4e
 CVE-2017-11721
@@ -285,13 +285,13 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/a6802e21d824e786d1e2a8440cf749a6e1a8d95f
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/418f88dd18af34b6cb64f709567c81b89865d7bc
 CVE-2017-11643 (GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() ...)
-	- graphicsmagick <unfixed> (bug #870149)
+	- graphicsmagick <unfixed> (bug #870157)
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d00b74315a71
 CVE-2017-11642 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the ...)
-	- graphicsmagick <unfixed> (bug #870149)
+	- graphicsmagick <unfixed> (bug #870156)
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9
 CVE-2017-11641 (GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in ...)
-	- graphicsmagick <unfixed> (bug #870149)
+	- graphicsmagick <unfixed> (bug #870155)
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/db732abd9318
 CVE-2017-11640 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
 	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870067)
@@ -300,10 +300,10 @@
 	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870065)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/588
 CVE-2017-11638 (GraphicsMagick 1.3.26 has a segmentation violation in the ...)
-	- graphicsmagick <unfixed> (bug #870149)
+	- graphicsmagick <unfixed> (bug #870154)
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9
 CVE-2017-11637 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the ...)
-	- graphicsmagick <unfixed> (bug #870149)
+	- graphicsmagick <unfixed> (bug #870153)
 	NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f3ffc5541257
 CVE-2017-11636 (GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() ...)
 	- graphicsmagick <unfixed> (bug #870149)

More information about the Secure-testing-commits mailing list