[Secure-testing-commits] r56362 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Oct 2 18:40:23 UTC 2017


Author: carnil
Date: 2017-10-02 18:40:23 +0000 (Mon, 02 Oct 2017)
New Revision: 56362

Modified:
   data/CVE/list
Log:
Reference upstream commits for CVE-2017-14989

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-02 18:39:05 UTC (rev 56361)
+++ data/CVE/list	2017-10-02 18:40:23 UTC (rev 56362)
@@ -1,6 +1,8 @@
 CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in ...)
 	- imagemagick <unfixed>
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/781
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/97740ccc177ee264e79091fa573d994eb6b05628
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/28bad01242898d7f863deedbfa8502c348293093
 CVE-2017-14988 (Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote ...)
 	- openexr <unfixed>
 	NOTE: https://github.com/openexr/openexr/issues/248




More information about the Secure-testing-commits mailing list