[Secure-testing-commits] r56599 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 11 09:17:30 UTC 2017
Author: carnil
Date: 2017-10-11 09:17:30 +0000 (Wed, 11 Oct 2017)
New Revision: 56599
Modified:
data/CVE/list
Log:
Add two imagemagick issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-11 09:14:53 UTC (rev 56598)
+++ data/CVE/list 2017-10-11 09:17:30 UTC (rev 56599)
@@ -100,9 +100,15 @@
CVE-2017-15219 (The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site ...)
TODO: check
CVE-2017-15218 (ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in ...)
- TODO: check
+ - imagemagick <unfixed> (unimportant)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/760
+ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/698c09d05a749664288281012f319cd51da664ee
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/6387479aa974709d5c329c8efbde38175f386844
CVE-2017-15217 (ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. ...)
- TODO: check
+ - imagemagick <unfixed> (unimportant)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/759
+ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9bad9cd6752bf8dc5825f555fd1117855bd2fc47
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/8fa3c10977f668c92688272a4802f4477df61076
CVE-2016-10514 (url_check_format in include/functions.inc.php in Piwigo before 2.8.3 ...)
- piwigo <removed>
CVE-2016-10513 (Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a crafted ...)
More information about the Secure-testing-commits
mailing list