[Secure-testing-commits] r51969 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri May 26 09:10:13 UTC 2017
Author: sectracker
Date: 2017-05-26 09:10:12 +0000 (Fri, 26 May 2017)
New Revision: 51969
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-26 08:51:21 UTC (rev 51968)
+++ data/CVE/list 2017-05-26 09:10:12 UTC (rev 51969)
@@ -1,3 +1,17 @@
+CVE-2017-9239 (An issue was discovered in Exiv2 0.26. When the data structure of the ...)
+ TODO: check
+CVE-2017-9238
+ RESERVED
+CVE-2017-9237
+ RESERVED
+CVE-2017-9236
+ RESERVED
+CVE-2017-9235
+ RESERVED
+CVE-2017-9234
+ RESERVED
+CVE-2017-9233
+ RESERVED
CVE-2017-9232
RESERVED
CVE-2017-9231
@@ -219,17 +233,21 @@
CVE-2017-9145
RESERVED
CVE-2017-9144 (In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because ...)
+ {DSA-3863-1}
- imagemagick <unfixed> (bug #863126)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7fdf9ea808caa3c81a0eb42656e5fafc59084198
CVE-2017-9142 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
+ {DSA-3863-1}
- imagemagick <unfixed> (bug #863125)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/490
NOTE: https://github.com/ImageMagick/ImageMagick/commit/72f5c8632bff2daf3c95005f9b4cf2982786b52a
CVE-2017-9141 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
+ {DSA-3863-1}
- imagemagick <unfixed> (bug #863124)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/489
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f5910e91b0778e03ded45b9022be8eb8f77942cd
CVE-2017-9143 (In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c ...)
+ {DSA-3863-1}
- imagemagick <unfixed> (bug #863123)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/456
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b8c1df65b25d6671f113e2306982eded44ce3b4
@@ -342,6 +360,7 @@
CVE-2017-9099
RESERVED
CVE-2017-9098 (ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use ...)
+ {DSA-3863-1}
- imagemagick <unfixed> (bug #862967)
- graphicsmagick 1.3.24-1
NOTE: ImageMagick fix: https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b
@@ -1054,6 +1073,7 @@
- linux <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=195559
CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862637)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/467
CVE-2017-8828
@@ -1246,6 +1266,7 @@
CVE-2017-8766
RESERVED
CVE-2017-8765 (The function named ReadICONImage in coders\icon.c in ImageMagick ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862653)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/466
CVE-2017-8764
@@ -2203,48 +2224,63 @@
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c
NOTE: Introduced by: https://github.com/LibreOffice/core/commit/ceb53ad9f34ae05d09f61845d581546eac0c6d60
CVE-2017-8357 (In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862636)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/453
CVE-2017-8356 (In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862635)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/449
CVE-2017-8355 (In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862634)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/450
CVE-2017-8354 (In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862633)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/451
CVE-2017-8353 (In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862632)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/454
CVE-2017-8352 (In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862590)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/452
CVE-2017-8351 (In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862589)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/448
CVE-2017-8350 (In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862587)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/447
CVE-2017-8349 (In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862579)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/443
CVE-2017-8348 (In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862578)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/445
CVE-2017-8347 (In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862577)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/441
CVE-2017-8346 (In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862575)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/440
CVE-2017-8345 (In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862573)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/442
CVE-2017-8344 (In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862574)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/446
CVE-2017-8343 (In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862572)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/444
CVE-2017-8341
@@ -3259,6 +3295,7 @@
CVE-2017-7944 (XOOPS Core 2.5.8.1 has XSS due to unescaped HTML output of an Install ...)
NOT-FOR-US: XOOPS
CVE-2017-7943 (The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860736)
[wheezy] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/427
@@ -3268,6 +3305,7 @@
[wheezy] - imagemagick <not-affected> (Vulnerable code not present, does not use pixel_info yet)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/429
CVE-2017-7941 (The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote ...)
+ {DSA-3863-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860734)
[wheezy] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/428
@@ -4350,12 +4388,12 @@
[wheezy] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-001.html
CVE-2017-7619 (In ImageMagick 7.0.4-9, an infinite loop can occur because of a ...)
- {DLA-902-1}
+ {DSA-3863-1 DLA-902-1}
- imagemagick 8:6.9.7.4+dfsg-4 (bug #859769)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31506
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/63757068c803f692bd70304b06ce3406e0b67c7f
CVE-2017-7606 (coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of ...)
- {DLA-902-1}
+ {DSA-3863-1 DLA-902-1}
- imagemagick 8:6.9.7.4+dfsg-4 (bug #859771)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/415
NOTE: https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/
@@ -19785,6 +19823,7 @@
RESERVED
CVE-2017-2295 [Unsafe YAML deseralization]
RESERVED
+ {DSA-3862-1}
- puppet 4.8.2-5 (bug #863212)
NOTE: https://puppet.com/security/cve/cve-2017-2295
NOTE: https://github.com/puppetlabs/puppet/commit/06d8c51367ca932b9da5d9b01958cfc0adf0f2ea
More information about the Secure-testing-commits
mailing list