[Secure-testing-commits] r56699 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Oct 14 15:22:38 UTC 2017
Author: carnil
Date: 2017-10-14 15:22:38 +0000 (Sat, 14 Oct 2017)
New Revision: 56699
Modified:
data/CVE/list
Log:
mark CVE-2017-15016/imagemagick as unimportant
Although vulnerable source present we do not compile emf.c.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-14 15:17:17 UTC (rev 56698)
+++ data/CVE/list 2017-10-14 15:22:38 UTC (rev 56699)
@@ -760,10 +760,11 @@
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0cff8bac0a47f8693cfe57f026fcd752689ff375
CVE-2017-15016 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...)
{DLA-1131-1}
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/725
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8254d24b86a62803231773ecf54c707aef4a1457
NOTE: https://github.com/ImageMagick/ImageMagick/commit/27f8ba82ddd665ab41cef6588128f680cbd69905
+ NOTE: emf.c not compiled under Debian
CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...)
- imagemagick <unfixed>
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list