[Secure-testing-commits] r55458 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-09-05 10:14:38 +0000 (Tue, 05 Sep 2017)
New Revision: 55458

Modified:
   data/CVE/list
Log:
Add CVE-2017-14139/imagemagick

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-05 10:07:39 UTC (rev 55457)
+++ data/CVE/list	2017-09-05 10:14:38 UTC (rev 55458)
@@ -22,7 +22,12 @@
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/197e7e521384a23b9e585178f3f11c9fa08274b9
 CVE-2017-14139 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/578
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/955bd1008a5371bbd1b8db0a1e41e333ebfc63ef
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dbe0008c6fa225d01085ca86f3e425c306ee6240
+	NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/d426a1dc84cfdafdac67bdb2a1ecc6e1798053e6
+	NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/0dfce0579c881245e495aa2d8d114e63b96a860e
 CVE-2017-14138 (ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in ...)
 	TODO: check
 CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has a issue where ...)