[Secure-testing-commits] r56702 - in data: . CVE

[Ola Lundqvist]

Author: opal
Date: 2017-10-14 17:01:59 +0000 (Sat, 14 Oct 2017)
New Revision: 56702

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
Triaging.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-14 16:55:45 UTC (rev 56701)
+++ data/CVE/list	2017-10-14 17:01:59 UTC (rev 56702)
@@ -179,6 +179,7 @@
 	NOT-FOR-US: IrfanView
 CVE-2017-15238 (ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a ...)
 	- graphicsmagick 1.3.26-14
+	[wheezy] - graphicsmagick <not-affected> (Vulnerable code do not exist)
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=93bdb9b30076
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=df946910910d
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/469/

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2017-10-14 16:55:45 UTC (rev 56701)
+++ data/dla-needed.txt	2017-10-14 17:01:59 UTC (rev 56702)
@@ -39,6 +39,8 @@
 --
 golang
 --
+graphicsmagick
+--
 lame (Hugo Lefeuvre)
   NOTE: Couldn't reproduce CVE-2017-{69-72}. Wait for next upstream release 3.100 ?
   NOTE: https://lists.debian.org/debian-lts/2017/09/msg00082.html