[Secure-testing-commits] r52349 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jun 6 05:47:56 UTC 2017


Author: carnil
Date: 2017-06-06 05:47:56 +0000 (Tue, 06 Jun 2017)
New Revision: 52349

Modified:
   data/CVE/list
Log:
Add bug references for imagemagick

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-06 05:47:46 UTC (rev 52348)
+++ data/CVE/list	2017-06-06 05:47:56 UTC (rev 52349)
@@ -13,11 +13,11 @@
 CVE-2017-9441 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: BigTree CMS
 CVE-2017-9440 (In ImageMagick 7.0.5-5, a memory leak was found in the function ...)
-	- imagemagick <unfixed> (low)
+	- imagemagick <unfixed> (low; bug #864273)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/462
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/c2be129c25763680afeca59f4de5d6d4240ca2cf
 CVE-2017-9439 (In ImageMagick 7.0.5-5, a memory leak was found in the function ...)
-	- imagemagick <unfixed> (low)
+	- imagemagick <unfixed> (low; bug #864274)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/460
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6c6abed989ea4a3ef472db65ab487c1809a3a718
 CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers ...)




More information about the Secure-testing-commits mailing list