[Secure-testing-commits] r57585 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Nov 12 21:10:13 UTC 2017
Author: sectracker
Date: 2017-11-12 21:10:13 +0000 (Sun, 12 Nov 2017)
New Revision: 57585
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-12 20:47:07 UTC (rev 57584)
+++ data/CVE/list 2017-11-12 21:10:13 UTC (rev 57585)
@@ -1,3 +1,15 @@
+CVE-2017-16800
+ RESERVED
+CVE-2017-16799 (In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, ...)
+ TODO: check
+CVE-2017-16798 (In CMS Made Simple 2.2.3.1, the is_file_acceptable function in ...)
+ TODO: check
+CVE-2017-16797 (In SWFTools 0.9.2, the png_load function in lib/png.c does not properly ...)
+ TODO: check
+CVE-2017-16796 (In SWFTools 0.9.2, the png_load function in lib/png.c does not check ...)
+ TODO: check
+CVE-2017-16795
+ RESERVED
CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not properly ...)
- swftools <unfixed>
NOTE: https://github.com/matthiaskramm/swftools/issues/50
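
Review bot: CVE-2017-16797 and CVE-2017-16796 are left at "TODO: check" in this hunk, although both describe the same png_load function in lib/png.c of SWFTools 0.9.2 as the CVE-2017-16794 entry directly below them, which is already triaged as "- swftools <unfixed>". Once their upstream references are confirmed, the two new entries can most likely take the same package line. The two CMS Made Simple entries (CVE-2017-16799, CVE-2017-16798) also still need a manual triage decision.
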
@@ -3947,7 +3959,7 @@
CVE-2017-15278 (Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. ...)
NOT-FOR-US: TeamPass
CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick ...)
- {DLA-1140-1 DLA-1139-1}
+ {DSA-4032-1 DLA-1140-1 DLA-1139-1}
- imagemagick <unfixed> (bug #878578)
- graphicsmagick 1.3.26-14
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5
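
Review bot: the cross-reference line for CVE-2017-15277 now lists DSA-4032-1, but this entry tracks two source packages (imagemagick and graphicsmagick) and the brace line alone does not say which of them the advisory covers; the other hunks in this revision attach DSA-4032-1 to entries that list only imagemagick, so that is worth confirming against the DSA record. The "- imagemagick <unfixed> (bug #878578)" line is unchanged, so the entry still reads as open in unstable even though an upstream fix commit is noted; that line needs a fixed version once the corresponding upload exists.
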
@@ -4869,7 +4881,7 @@
NOTE: https://core.trac.wordpress.org/ticket/38474
NOTE: Wordpress in Wheezy requires a database upgrade and backports of new functions
CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (bug #878562)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/781
NOTE: https://github.com/ImageMagick/ImageMagick/commit/97740ccc177ee264e79091fa573d994eb6b05628
@@ -5752,7 +5764,7 @@
CVE-2017-14683 (geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by ...)
NOT-FOR-US: geminabox
CVE-2017-14682 (GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (bug #876488)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3bee958ee63eb6ec62834d0c7b28b4b6835e6a00
@@ -5987,7 +5999,7 @@
NOTE: https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21
NOTE: https://github.com/LibRaw/LibRaw/issues/101
CVE-2017-14607 (In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (low; bug #878527)
NOTE: IM6 patch: https://github.com/ImageMagick/ImageMagick/commit/cd665c3d05b46d1579c738a72214175ff50aec74
NOTE: https://github.com/ImageMagick/ImageMagick/issues/765
@@ -7082,7 +7094,7 @@
- libav <undetermined>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/837cb4325b712ff1aab531bf41668933f61d75d2
CVE-2017-14224 (A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (bug #876097)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/733
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7f2d6fe34d695d3445e2d50937db5541a1b76bde
@@ -8296,7 +8308,7 @@
CVE-2017-13770
RESERVED
CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (low; bug #878507)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/705
NOTE: https://github.com/ImageMagick/ImageMagick/commit/45d342155b5e9b83904c695411d20f33cf9b524c
@@ -8346,7 +8358,7 @@
CVE-2017-13759
RESERVED
CVE-2017-13758 (In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (bug #878508)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/ef6cee1bcf144b7c9285787920361a53296e7907
@@ -9840,7 +9852,7 @@
CVE-2017-13135
RESERVED
CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer ...)
- {DLA-1081-1}
+ {DSA-4032-1 DLA-1081-1}
- imagemagick <unfixed> (bug #873099)
- graphicsmagick 1.3.26-19 (bug #881524)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/670
@@ -10278,7 +10290,7 @@
CVE-2017-12984 (PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, ...)
NOT-FOR-US: PHPMyWind
CVE-2017-12983 (Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c ...)
- {DLA-1081-1}
+ {DSA-4032-1 DLA-1081-1}
- imagemagick <unfixed> (bug #873134)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/682
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d4145e664aea3752ca6d3bf1ee825352b595dab5