[Secure-testing-commits] r52052 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon May 29 09:10:17 UTC 2017
Author: sectracker
Date: 2017-05-29 09:10:17 +0000 (Mon, 29 May 2017)
New Revision: 52052
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-29 07:37:41 UTC (rev 52051)
+++ data/CVE/list 2017-05-29 09:10:17 UTC (rev 52052)
@@ -1,3 +1,33 @@
+CVE-2017-9266
+ RESERVED
+CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing ...)
+ TODO: check
+CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) ...)
+ TODO: check
+CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status ...)
+ TODO: check
+CVE-2017-9262 (In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c ...)
+ TODO: check
+CVE-2017-9261 (In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c ...)
+ TODO: check
+CVE-2017-9260
+ RESERVED
+CVE-2017-9259
+ RESERVED
+CVE-2017-9258
+ RESERVED
+CVE-2017-9257
+ RESERVED
+CVE-2017-9256
+ RESERVED
+CVE-2017-9255
+ RESERVED
+CVE-2017-9254
+ RESERVED
+CVE-2017-9253
+ RESERVED
+CVE-2016-10377 (In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch ...)
+ TODO: check
CVE-2017-XXXX [double free with Paged Results control and pagesize 0]
- openldap 2.4.44+dfsg-5 (bug #863563)
NOTE: http://www.openldap.org/its/?findid=8655
@@ -288,21 +318,21 @@
CVE-2017-9145
RESERVED
CVE-2017-9144 (In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863126)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7fdf9ea808caa3c81a0eb42656e5fafc59084198
CVE-2017-9142 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863125)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/490
NOTE: https://github.com/ImageMagick/ImageMagick/commit/72f5c8632bff2daf3c95005f9b4cf2982786b52a
CVE-2017-9141 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863124)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/489
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f5910e91b0778e03ded45b9022be8eb8f77942cd
CVE-2017-9143 (In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863123)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/456
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b8c1df65b25d6671f113e2306982eded44ce3b4
@@ -416,7 +446,7 @@
CVE-2017-9099
RESERVED
CVE-2017-9098 (ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use ...)
- {DSA-3863-1 DLA-953-1}
+ {DSA-3863-1 DLA-960-1 DLA-953-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #862967)
- graphicsmagick 1.3.24-1
NOTE: ImageMagick fix: https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b
@@ -1132,7 +1162,7 @@
- linux <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=195559
CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862637)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/467
CVE-2017-8828
@@ -1325,7 +1355,7 @@
CVE-2017-8766
RESERVED
CVE-2017-8765 (The function named ReadICONImage in coders\icon.c in ImageMagick ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862653)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/466
CVE-2017-8764
@@ -2289,63 +2319,63 @@
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c
NOTE: Introduced by: https://github.com/LibreOffice/core/commit/ceb53ad9f34ae05d09f61845d581546eac0c6d60
CVE-2017-8357 (In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862636)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/453
CVE-2017-8356 (In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862635)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/449
CVE-2017-8355 (In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862634)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/450
CVE-2017-8354 (In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862633)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/451
CVE-2017-8353 (In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862632)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/454
CVE-2017-8352 (In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862590)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/452
CVE-2017-8351 (In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862589)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/448
CVE-2017-8350 (In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862587)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/447
CVE-2017-8349 (In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862579)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/443
CVE-2017-8348 (In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862578)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/445
CVE-2017-8347 (In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862577)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/441
CVE-2017-8346 (In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862575)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/440
CVE-2017-8345 (In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862573)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/442
CVE-2017-8344 (In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862574)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/446
CVE-2017-8343 (In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862572)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/444
CVE-2017-8341
@@ -3359,7 +3389,7 @@
CVE-2017-7944 (XOOPS Core 2.5.8.1 has XSS due to unescaped HTML output of an Install ...)
NOT-FOR-US: XOOPS
CVE-2017-7943 (The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860736)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/427
CVE-2017-7942 (The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote ...)
@@ -3368,7 +3398,7 @@
[wheezy] - imagemagick <not-affected> (Vulnerable code not present, does not use pixel_info yet)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/429
CVE-2017-7941 (The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote ...)
- {DSA-3863-1}
+ {DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860734)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/428
CVE-2017-7940 (The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ...)
@@ -39399,6 +39429,7 @@
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
CVE-2014-9841 (The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 ...)
+ {DLA-960-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
CVE-2014-9842 (Memory leak in the ReadPSDLayers function in coders/psd.c in ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
@@ -74422,6 +74453,7 @@
NOTE: https://nodesecurity.io/advisories/serve-static-xss
NOTE: https://github.com/expressjs/serve-index/issues/28
CVE-2015-8903 (The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x ...)
+ {DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -74430,6 +74462,7 @@
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
NOTE: http://web.archive.org/web/20150428140926/http://trac.imagemagick.org/changeset/17856
CVE-2015-8902 (The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before ...)
+ {DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -74438,6 +74471,7 @@
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
NOTE: http://web.archive.org/web/20150428145652/http://trac.imagemagick.org/changeset/17855
CVE-2015-8901 (ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a ...)
+ {DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -74445,6 +74479,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
CVE-2015-8900 (The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x ...)
+ {DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -84469,7 +84504,7 @@
CVE-2014-8731 (PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute ...)
NOT-FOR-US: phpMemcachedAdmin
CVE-2014-8716 (The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to ...)
- {DLA-90-1}
+ {DLA-960-1 DLA-90-1}
- imagemagick 8:6.8.9.9-3 (bug #768494)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
@@ -84842,7 +84877,7 @@
[squeeze] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
CVE-2014-8355 (PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers ...)
- {DLA-242-1}
+ {DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1 (bug #767240)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: https://int21.de/cve/CVE-2014-8355-pcx-oob-heap-overflow.html
@@ -84851,11 +84886,11 @@
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/ (graphicsmagick)
CVE-2014-8562 (DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to ...)
- {DLA-242-1}
+ {DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1 (bug #767240)
[squeeze] - imagemagick <no-dsa> (Minor issue)
CVE-2014-8354 (The HorizontalFilter function in resize.c in ImageMagick before ...)
- {DLA-242-1}
+ {DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: https://int21.de/cve/CVE-2014-8354-oob-heap-overflow.html
More information about the Secure-testing-commits
mailing list