[Secure-testing-commits] r55463 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Sep 5 11:17:15 UTC 2017 

Author: jmm
Date: 2017-09-05 11:17:15 +0000 (Tue, 05 Sep 2017)
New Revision: 55463

Modified:
   data/CVE/list
Log:
two imagemagick issues unimportant
x265 n/a


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-05 10:20:10 UTC (rev 55462)
+++ data/CVE/list	2017-09-05 11:17:15 UTC (rev 55463)
@@ -22,17 +22,17 @@
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/197e7e521384a23b9e585178f3f11c9fa08274b9
 CVE-2017-14139 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in ...)
-	- imagemagick <unfixed>
+	- imagemagick <unfixed> (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/578
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/955bd1008a5371bbd1b8db0a1e41e333ebfc63ef
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dbe0008c6fa225d01085ca86f3e425c306ee6240
 	NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/d426a1dc84cfdafdac67bdb2a1ecc6e1798053e6
 	NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/0dfce0579c881245e495aa2d8d114e63b96a860e
 CVE-2017-14138 (ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in ...)
-	- imagemagick <unfixed>
+	- imagemagick <unfixed> (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/639
 CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has a issue where ...)
-	- imagemagick <unfixed>
+	- imagemagick <unfixed> (low)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/641
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb63560ba25e4a6c51ab282538c24877fff7d471
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cfc2bd4c87481d4cf60308cc6ffd3c61288ff004
@@ -1304,8 +1304,7 @@
 CVE-2017-13667
 	RESERVED
 CVE-2017-13666 (An integer underflow vulnerability exists in pixel-a.asm, the x86 ...)
-	- x265 <undetermined>
-	TODO: check, possibly still not-affected, as per similar CVE
+	- x265 <not-affected> (Affected code is not enabled)
 CVE-2017-13665
 	RESERVED
 CVE-2017-13664

More information about the Secure-testing-commits mailing list