[Secure-testing-commits] r50112 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 28 04:29:16 UTC 2017
Author: carnil
Date: 2017-03-28 04:29:16 +0000 (Tue, 28 Mar 2017)
New Revision: 50112
Modified:
data/CVE/list
Log:
Add notes for CVE-2017-7275
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-28 04:28:21 UTC (rev 50111)
+++ data/CVE/list 2017-03-28 04:29:16 UTC (rev 50112)
@@ -20,6 +20,8 @@
RESERVED
CVE-2017-7275 (The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows ...)
- imagemagick <undetermined>
+ NOTE: https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/271
TODO: check (need to check if we are affected by the second incomplete fix as well)
CVE-2017-7274 (The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...)
TODO: check
More information about the Secure-testing-commits
mailing list