[Secure-testing-commits] r49339 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Mar 1 14:58:51 UTC 2017
Author: jmm
Date: 2017-03-01 14:58:50 +0000 (Wed, 01 Mar 2017)
New Revision: 49339
Modified:
data/CVE/list
Log:
add fix references for imagemagick
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-01 11:35:47 UTC (rev 49338)
+++ data/CVE/list 2017-03-01 14:58:50 UTC (rev 49339)
@@ -3245,6 +3245,7 @@
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851383)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/354
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/6235f1f7a9f7b0f83b197f6cd0073dbb6602d0fb
CVE-2017-5507 [memory leak in MPC file handling]
RESERVED
{DLA-807-1}
@@ -3283,12 +3284,14 @@
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851376)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/348
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9
CVE-2017-5511 [memory corruption heap overflow, psb file related]
RESERVED
{DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851374)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/347
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790
CVE-2016-10144 [ipl file missing malloc check]
RESERVED
{DLA-807-1}
@@ -16392,6 +16395,7 @@
NOTE: either of these commits 933e96f01a8c889c7bf5ffd30020e86a02a046e7 nor
NOTE: 4e914bbe371433f0590cefdf3bd5f3a5710069f9 upstream. It is not the same
NOTE: as the fputc issue in ReadGROUP4Image.
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/41e955984b034777903cfa61e500a0b922eb9cbd
CVE-2016-10061
RESERVED
{DSA-3726-1 DLA-756-1}
@@ -38742,11 +38746,11 @@
NOTE: Restricting ioctl on the kernel side seems the better approach
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300746
CVE-2016-2558 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
- TODO: check
+ NOT-FOR-US: NVIDIA Windows drivers
CVE-2016-2557 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
- TODO: check
+ NOT-FOR-US: NVIDIA Windows drivers
CVE-2016-2556 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
- TODO: check
+ NOT-FOR-US: NVIDIA Windows drivers
CVE-2016-2555
RESERVED
CVE-2016-2553
More information about the Secure-testing-commits
mailing list