[Secure-testing-commits] r57216 - data/CVE

Wed Nov 1 21:20:20 UTC 2017

Author: carnil
Date: 2017-11-01 21:20:20 +0000 (Wed, 01 Nov 2017)
New Revision: 57216

Modified:
   data/CVE/list
Log:
Add CVE-2017-16352

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-11-01 21:17:29 UTC (rev 57215)
+++ data/CVE/list	2017-11-01 21:20:20 UTC (rev 57216)
@@ -315,7 +315,9 @@
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8
 	NOTE: https://blogs.securiteam.com/index.php/archives/3494
 CVE-2017-16352 (GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow ...)
-	TODO: check
+	- graphicsmagick <unfixed>
+	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=7292230dd185
+	NOTE: https://blogs.securiteam.com/index.php/archives/3494
 CVE-2017-1001001 (PluXml version 5.6 is vulnerable to stored cross-site scripting ...)
 	TODO: check
 CVE-2017-1000244 (Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF ...)


