[Secure-testing-commits] r57381 - data/CVE
Ola Lundqvist
opal at moszumanska.debian.org
Mon Nov 6 20:53:43 UTC 2017
Author: opal
Date: 2017-11-06 20:53:43 +0000 (Mon, 06 Nov 2017)
New Revision: 57381
Modified:
data/CVE/list
Log:
Note fix.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-06 20:51:28 UTC (rev 57380)
+++ data/CVE/list 2017-11-06 20:53:43 UTC (rev 57381)
@@ -57,12 +57,12 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/851
CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does ...)
- graphicsmagick 1.3.26-18
+ [wheezy] - graphicsmagick <no-dsa> (Not possible to trigger with presented test case)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/519/
NOTE: The wheezy version gives an assert before the vulnerability can be triggered. Due to this
NOTE: the severity of the wheezy version is low even though the vulnerable code is still present.
NOTE: The patch is trivial so it may be worth fixing in combination with some other fix.
- [wheezy] - graphicsmagick <no-dsa> (Not possible to trigger with presented test case)
CVE-2017-16544
RESERVED
CVE-2017-16543 (Zoho ManageEngine Applications Manager 13 allows SQL injection via ...)
More information about the Secure-testing-commits
mailing list