[Secure-testing-commits] r57620 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Nov 14 15:11:09 UTC 2017


Author: jmm
Date: 2017-11-14 15:11:08 +0000 (Tue, 14 Nov 2017)
New Revision: 57620

Modified:
   data/CVE/list
Log:
new firefox issues
one im issue no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-14 11:21:08 UTC (rev 57619)
+++ data/CVE/list	2017-11-14 15:11:08 UTC (rev 57620)
@@ -11238,6 +11238,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/662
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5
 	NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890
+	NOTE: This doesn't affect the base releases, but got introduced via security fixes, which got backported to older suites
 CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 ...)
 	- imagemagick <not-affected> (Specific to Imagemagick 7, 6.x uses fixed pixel cache morphology)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
@@ -14464,6 +14465,7 @@
 CVE-2017-13145 (In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image ...)
 	{DSA-4019-1}
 	- imagemagick 8:6.9.7.4+dfsg-13 (bug #869830)
+	[jessie] - imagemagick <no-dsa> (Minor issue)
 	[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/501
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa
@@ -25784,38 +25786,69 @@
 	RESERVED
 CVE-2017-7842
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7842
 CVE-2017-7841
 	RESERVED
 CVE-2017-7840
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7840
 CVE-2017-7839
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7839
 CVE-2017-7838
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7838
 CVE-2017-7837
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7837
 CVE-2017-7836
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7836
 CVE-2017-7835
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7835
 CVE-2017-7834
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7834
 CVE-2017-7833
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7833
 CVE-2017-7832
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7832
 CVE-2017-7831
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7831
 CVE-2017-7830
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7830
 CVE-2017-7829
 	RESERVED
 CVE-2017-7828
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7828
 CVE-2017-7827
 	RESERVED
+	- firefox <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7827
 CVE-2017-7826
 	RESERVED
+	- firefox <unfixed>
+	- firefox-esr <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7826
 CVE-2017-7825
 	RESERVED
 	- firefox <not-affected> (Only affects Firefox on OS X)




More information about the Secure-testing-commits mailing list