[Secure-testing-commits] r54121 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 31 05:59:11 UTC 2017
Author: carnil
Date: 2017-07-31 05:59:11 +0000 (Mon, 31 Jul 2017)
New Revision: 54121
Modified:
data/CVE/list
Log:
Track some un-CVEified imagemagick issues
Part of those might actually be removed, low or neglibigle security
impact.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-31 05:32:11 UTC (rev 54120)
+++ data/CVE/list 2017-07-31 05:59:11 UTC (rev 54121)
@@ -1,3 +1,34 @@
+CVE-2017-XXXX [bad free in RelinquishMagickMemory]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870119)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/621
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #618]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870118)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/618
+CVE-2017-XXXX [memory leak in ReadOneMNGImage #619]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870117)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/619
+CVE-2017-XXXX [Stuck in LockSemaphoreInfo after reading a png with width==MAGICK_WIDTH_LIMIT #596]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870111)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/596
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #602]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870115)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/602
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #600]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870116)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/600
+CVE-2017-XXXX [out-of-bounds read with the MNG CLIP chunk]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870109)
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #550]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870108)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/550
+CVE-2017-XXXX [memory exhaustion in ReadOneJNGImage in png.c]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870107)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/549
+CVE-2017-XXXX [heap buffer overflow in ReadOneMNGImage]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870106)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/542
+CVE-2017-XXXX [Lack of validation of png file]
+ - imagemagick 8:6.9.7.4+dfsg-15 (bug #870105)
CVE-2017-11756 (In Earcms Ear Music through 4.1 build 20170710, remote authenticated ...)
TODO: check
CVE-2017-11755 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 ...)
More information about the Secure-testing-commits
mailing list