[Secure-testing-commits] r57385 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Nov 6 21:56:28 UTC 2017 

Author: jmm
Date: 2017-11-06 21:56:27 +0000 (Mon, 06 Nov 2017)
New Revision: 57385

Modified:
   data/CVE/list
Log:
im triage


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-06 21:42:20 UTC (rev 57384)
+++ data/CVE/list	2017-11-06 21:56:27 UTC (rev 57385)
@@ -6129,6 +6129,8 @@
 CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in ...)
 	{DLA-1131-1}
 	- imagemagick <unfixed> (low; bug #878546)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/746
 	NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/04b863f15effa4375e4ee42f413f0246062b48af
 	NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/44a55580ac8c01d8cff1e6e0063820af113f8591
@@ -6257,6 +6259,8 @@
 CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in ...)
 	{DLA-1131-1}
 	- imagemagick <unfixed> (low; bug #876105)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/654
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
@@ -6513,6 +6517,8 @@
 CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in ...)
 	{DLA-1131-1}
 	- imagemagick <unfixed> (low; bug #876099)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/708
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/2071d67ebf729f76d73c33c1152df4816d1d79ac
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/66112b7a7b64f688efe6fec53a829874a74dea04
@@ -6728,23 +6734,31 @@
 	NOT-FOR-US: aacplusenc
 CVE-2017-14175 (In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875502)
+	- imagemagick <unfixed> (low; bug #875502)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/712
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b8c63b156bf26b52e710b1a0643c846a6cd01e56
 CVE-2017-14174 (In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875503)
+	- imagemagick <unfixed> (low; bug #875503)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/714
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64
 CVE-2017-14173 (In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875504)
+	- imagemagick <unfixed> (low; bug #875504)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/713
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/48bcf7c39302cdf9b0d9202ad03bf1b95152c44d
 CVE-2017-14172 (In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875506)
+	- imagemagick <unfixed> (low; bug #875506)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/715
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c
 CVE-2017-14171 (In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in ...)
@@ -7154,7 +7168,9 @@
 	NOTE: https://gitlab.com/libidn/libidn2/commit/16853b6973a1e72fee2b7cccda85472cb9951305
 CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #878506)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
+	- imagemagick <unfixed> (low; bug #878506)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/710
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/c535e1f1a6b1faaa35e007df4fc535ec08daa97c
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5bdfef29f5e6744f36f25ec04583c6b6f4a13b48
@@ -7797,6 +7813,8 @@
 CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in ...)
 	{DLA-1131-1}
 	- imagemagick <unfixed> (low; bug #875352)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/706
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/152e510e2b7858efe5992ed95090d8e0049417f3
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/2c1b360d80e5f8f7c7108c0afedde64ab79318ff
@@ -9313,7 +9331,7 @@
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/446/
 CVE-2017-13146 (In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-14 (bug #870013)
+	- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870013)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/437a35e57db5ec078f4a3ccbf71f941276e88430
 CVE-2017-13141 (In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file ...)
 	{DSA-4019-1}
@@ -9335,7 +9353,9 @@
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1b234b4fe2ec864b2d5af898a31c06c9736da904
 CVE-2017-13133 (In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks ...)
 	{DLA-1081-1}
-	- imagemagick <unfixed> (bug #873100)
+	- imagemagick <unfixed> (low; bug #873100)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/679
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/19dbe11c5060f66abb393d1945107c5f54894fa8
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/fad03699658d2607562a8487c944c300d59a1ca5
@@ -9527,6 +9547,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/669
 CVE-2017-13061 (In ImageMagick 7.0.6-5, a length-validation vulnerability was found in ...)
 	- imagemagick <unfixed> (bug #873131)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
 	[jessie] - imagemagick <not-affected> (Vulnerable code not present)
 	[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/645
@@ -10677,7 +10698,9 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e
 CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #873871)
+	- imagemagick <unfixed> (low; bug #873871)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/659
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6f95e543c80319721e22d623bb23712cd29afa9e
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d96b55ea41e71de43663818ccd17c6af3fa6c4fd
@@ -11180,19 +11203,25 @@
 	NOTE: Introduced by: https://github.com/curl/curl/commit/7c312f84ea930d8
 CVE-2017-12693 (The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875341)
+	- imagemagick <unfixed> (low; bug #875341)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/652
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/75fcbf5d649bba046c6a0db650a518f7bfc0fb3f
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6709bd585b9609a9cf98a7042089f3e725886d5e
 CVE-2017-12692 (The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875339)
+	- imagemagick <unfixed> (low; bug #875339)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/653
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4a25fe5447bfb3a1918a2e9d595928e853b09d2e
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5919dc606bc1d6022d3d2d205a91fdbe98de9e15
 CVE-2017-12691 (The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 ...)
 	{DLA-1131-1}
-	- imagemagick <unfixed> (bug #875338)
+	- imagemagick <unfixed> (low; bug #875338)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/656
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/f1ea048a3a34df293764502401d966aeacf9179d
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/68bbe7b8b226ed79e339296793f68f1b2bebc519
@@ -11232,20 +11261,22 @@
 	NOT-FOR-US: IdentityServer
 CVE-2017-12676 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870118)
+	- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870118)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/618
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/387adbe4b05a545b9f3972e862602480c850303c
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7287f50888c26b133ee173816332fcaec4e8cb62
 CVE-2017-12675 (In ImageMagick 7.0.6-3, a missing check for multidimensional data was ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-14 (bug #870022)
+	- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870022)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/616
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/7a020acbcfea6e53eff6766c87ea175eac9dcd18
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e33a39a6a168cdd800fd160e8f93f0059432bdf7
 CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the ...)
 	{DLA-1081-1}
 	[experimental] - imagemagick 8:6.9.9.6+dfsg-1
-	- imagemagick <unfixed> (bug #872609)
+	- imagemagick <unfixed> (low; bug #872609)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/604
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/91651bd482b6637cf650700ffd7b3b63de1cb049
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a91708c6b70bd4e3d2b931465307e0aeababb3c
@@ -11306,7 +11337,7 @@
 	NOT-FOR-US: NexusPHP
 CVE-2017-12654 (The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870502)
+	- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870502)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/620
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ffcb8f8e2248fde38a2cb30aeb48403d2b3471cc
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f2c26fa4db84e92d754c7f8b269db2883cf7f32c
@@ -11530,6 +11561,7 @@
 CVE-2017-12587 (ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage ...)
 	{DSA-4019-1 DLA-1081-1}
 	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870526)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/535
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/bb5b16c512977e8134701063e0adb05a4a342add
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d4192df5eb03892089806d52a317cc3101856726
@@ -11596,7 +11628,9 @@
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a4779cfbee2e4235fa9f9f8f2e58dca17f7ccc6b
 CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870530)
+	- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870530)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/599
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7d3af83d8b946f952bfd028451e6dfb1f7ace07a
@@ -11932,7 +11966,9 @@
 	RESERVED
 CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870504)
+	- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870504)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/543
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/2dd8d55742fce7d079b6a16039c18e49c091224f
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/44cb8dfd4cbe6fc475c863a5946cff64e34c2088
@@ -11945,13 +11981,17 @@
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0a170d18390d3762586f164e6abe3c4766d14620
 CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
 	{DSA-4019-1 DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870491)
+	- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870491)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/536
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/061de02095a56d438409c63f723f340b2d9d36c7
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ded916c5da6febe9660c3cfa44c3114567adf74
 CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
 	{DLA-1081-1}
 	- imagemagick 8:6.9.7.4+dfsg-13
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/545
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/30a74ed25a4890acfa94f452d653d54c9628c87e
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ac6c73d39d59a7b0285b3756810272121759a31
@@ -11959,7 +11999,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/546#issuecomment-313968413
 CVE-2017-12427 (The ProcessMSLScript function in coders/msl.c in ImageMagick before ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870525)
+	- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870525)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/636
 	NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/841f7b27dc88c685c61252d59b7e20e94c982456
@@ -12682,7 +12722,9 @@
 CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an ...)
 	{DLA-1081-1}
 	[experimental] - imagemagick 8:6.9.9.6+dfsg-1
-	- imagemagick <unfixed> (bug #873059)
+	- imagemagick <unfixed> (low; bug #873059)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/533
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c
@@ -13505,6 +13547,8 @@
 CVE-2017-13140 (In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ...)
 	{DSA-4019-1}
 	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870111)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <not-affected> (Vulnerable code not present)
 	[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/596
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/62fcf3d9638b87cd7ac81962cadf5bf88db62fa0
@@ -13515,7 +13559,9 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/22e0310345499ffe906c604428f2a3a668942b05
 CVE-2017-12643 (ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-15 (bug #870107)
+	- imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870107)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/549
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eedb5660f1704cde8e8cd784c5c2a09dd2fd60f
 CVE-2017-13142 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG ...)
@@ -13538,13 +13584,13 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/629
 CVE-2017-11752 (The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870481)
+	- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870481)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/628
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/21d19d0c64ff070dbf37279432837bf425c0d5dd
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eccfd52199616da66c93b6d627d4d4126f5a5f0
 CVE-2017-11751 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-16 (bug #870480)
+	- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870480)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/631
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb713211bad3fa4f0c535255fa043917482fc964
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b04e9c949d917a4a603f1a9bfe09737246229323
@@ -13636,18 +13682,22 @@
 	NOT-FOR-US: Xinha
 CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-14 (bug #870023)
+	- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870023)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/624
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/5163756a1f829a561912dfdb74a0dae41d8ed8cf
 CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-14 (bug #870020)
+	- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870020)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/610
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ab440f9ea11e0dbefb7a808cbb9441198758b0cb
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/75db34b6a4d642cb6f88c792942de27490c900e0
 CVE-2017-13658 (In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-14 (bug #870019)
+	- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870019)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/598
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89
 CVE-2017-12434 (In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in ...)
@@ -14049,12 +14099,14 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b580ad0564aefd9beeccbcbb8d62ccd05795a84
 CVE-2017-12430 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
 	{DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-13 (bug #869727)
+	- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869727)
+	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/546
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/98e5d0001cda195da0e8ea7650ab85c6f8333ff5
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8d537f6d778675e08ef9d238606d05101bf471b9
 CVE-2017-XXXX [memory leak in quantize]
-	- imagemagick 8:6.9.7.4+dfsg-13 (bug #869722)
+	- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869722)
 	[wheezy] - imagemagick 8:6.7.7.10-5+deb7u16
 	NOTE: Workaround entry for DLA-1081-1 since no CVE assigned
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/574
@@ -14072,7 +14124,7 @@
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5660836f9197107e9c38f14f27a45c2d9f26afe2
 CVE-2017-12428 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the ...)
 	{DSA-4019-1 DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-13 (bug #869713)
+	- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869713)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/544
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b2b48d50300a9fbcd0aa0d9230fd6d7a08f7671e
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f37d26336bf13737db45e556c25fc098f8a8b277
@@ -14356,7 +14408,8 @@
 	NOTE: Introduced after: https://github.com/ImageMagick/ImageMagick/commit/0bf18387ae1336475631284854b664d0e2d89697
 CVE-2017-11537 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...)
 	{DSA-4019-1 DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-13 (bug #869712)
+	- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869712)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/560
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bbc1b96f0d9371df675fdf7b8fc9bd4a42ae9cd
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bac384563f557d1ac7413d2eaec00dd59c3cc29b
@@ -14443,7 +14496,8 @@
 	NOTE: https://twitter.com/pissquark/status/888142796414226432
 CVE-2017-11523 (The ReadTXTImage function in coders/txt.c in ImageMagick through ...)
 	{DSA-4019-1 DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-14 (bug #869210)
+	- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #869210)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/591
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078
 	NOTE: Fixed by (ImageMagick-6): https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78
@@ -14602,7 +14656,8 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8c10b9247509c0484b55330458846115131ec2ae#diff-0a5dc34e461f3c458e758c199f2dc46d
 CVE-2017-11446 (The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an ...)
 	{DSA-4019-1 DLA-1081-1}
-	- imagemagick 8:6.9.7.4+dfsg-13 (bug #868950)
+	- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #868950)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/537
 	NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/787ee25e9fb0e4e0509121342371d925fe5044f8
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96182884778bfc43d6a9a0abd90cedb5d8cf8977
@@ -14958,6 +15013,7 @@
 CVE-2017-11505 (The ReadOneJNGImage function in coders/png.c in ImageMagick through ...)
 	{DSA-3914-1 DLA-1081-1}
 	- imagemagick 8:6.9.7.4+dfsg-12 (bug #867824)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/526
 CVE-2017-11530 (The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 ...)
 	{DSA-3914-1 DLA-1081-1}
@@ -15384,7 +15440,7 @@
 CVE-2017-11167 (FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by ...)
 	NOT-FOR-US: FineCMS
 CVE-2017-11166 (The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a ...)
-	- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #868263)
+	- imagemagick 8:6.9.7.4+dfsg-7 (unimportant; bug #868263)
 	[wheezy] - imagemagick 8:6.7.7.10-5+deb7u14
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/471
 CVE-2017-11165 (dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive ...)

More information about the Secure-testing-commits mailing list