[Secure-testing-commits] r54121 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jul 31 05:59:11 UTC 2017


Author: carnil
Date: 2017-07-31 05:59:11 +0000 (Mon, 31 Jul 2017)
New Revision: 54121

Modified:
   data/CVE/list
Log:
Track some un-CVEified imagemagick issues

Part of those might actually be removed, low or neglibigle security
impact.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-31 05:32:11 UTC (rev 54120)
+++ data/CVE/list	2017-07-31 05:59:11 UTC (rev 54121)
@@ -1,3 +1,34 @@
+CVE-2017-XXXX [bad free in RelinquishMagickMemory]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870119)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/621
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #618]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870118)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/618
+CVE-2017-XXXX [memory leak in ReadOneMNGImage #619]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870117)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/619
+CVE-2017-XXXX [Stuck in LockSemaphoreInfo after reading a png with width==MAGICK_WIDTH_LIMIT #596]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870111)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/596
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #602]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870115)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/602
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #600]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870116)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/600
+CVE-2017-XXXX [out-of-bounds read with the MNG CLIP chunk]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870109)
+CVE-2017-XXXX [memory leak in ReadOneJNGImage #550]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870108)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/550
+CVE-2017-XXXX [memory exhaustion in ReadOneJNGImage in png.c]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870107)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/549
+CVE-2017-XXXX [heap buffer overflow in ReadOneMNGImage]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870106)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/542
+CVE-2017-XXXX [Lack of validation of png file]
+	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870105)
 CVE-2017-11756 (In Earcms Ear Music through 4.1 build 20170710, remote authenticated ...)
 	TODO: check
 CVE-2017-11755 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 ...)




More information about the Secure-testing-commits mailing list