[Secure-testing-commits] r51820 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 22 10:48:43 UTC 2017
Author: carnil
Date: 2017-05-22 10:48:43 +0000 (Mon, 22 May 2017)
New Revision: 51820
Modified:
data/CVE/list
Log:
Add four temporary items for imagemagick for which maintainer requested CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-22 10:19:16 UTC (rev 51819)
+++ data/CVE/list 2017-05-22 10:48:43 UTC (rev 51820)
@@ -1,3 +1,15 @@
+CVE-2017-XXXX [Check for EOF conditions for RLE image format]
+ - imagemagick <unfixed> (bug #863126)
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/7fdf9ea808caa3c81a0eb42656e5fafc59084198
+CVE-2017-XXXX [A crafted file revealed an assertion failure in blob.c]
+ - imagemagick <unfixed> (bug #863125)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/490
+CVE-2017-XXXX [A crafted file revealed an assertion failure in profile.c]
+ - imagemagick <unfixed> (bug #863124)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/489
+CVE-2017-XXXX [Specially crafted arts file could lead to memory leak]
+ - imagemagick <unfixed> (bug #863123)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/456
CVE-2017-9140 (Cross-site scripting (XSS) vulnerability in Telerik Reporting for ...)
TODO: check
CVE-2017-9139 (There is a stack-based buffer overflow on some Tenda routers ...)
More information about the Secure-testing-commits
mailing list