[Secure-testing-commits] r55524 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Sep 6 21:10:14 UTC 2017 

Author: sectracker
Date: 2017-09-06 21:10:14 +0000 (Wed, 06 Sep 2017)
New Revision: 55524

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-06 21:08:01 UTC (rev 55523)
+++ data/CVE/list	2017-09-06 21:10:14 UTC (rev 55524)
@@ -1,9 +1,15 @@
-CVE-2017-14166 [heap-based buffer overflow in xml_data (archive_read_support_format_xar.c)]
+CVE-2017-14163
+	RESERVED
+CVE-2017-14162
+	RESERVED
+CVE-2017-14161
+	RESERVED
+CVE-2017-14166 (libarchive 3.3.2 allows remote attackers to cause a denial of service ...)
 	- libarchive <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
 	NOTE: https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
 	NOTE: https://github.com/libarchive/libarchive/issues/935
-CVE-2017-14165 [graphicsmagick: memory allocation failure in MagickMalloc (memory.c)]
+CVE-2017-14165 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has ...)
 	- graphicsmagick <unfixed>
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/493da54370aa
 	NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/4
@@ -32,7 +38,7 @@
 	RESERVED
 CVE-2017-14153
 	RESERVED
-CVE-2017-14164 [incomplete fix for CVE-2017-14152]
+CVE-2017-14164 (A size-validation issue was discovered in opj_j2k_write_sot in ...)
 	- openjpeg2 <not-affected> (Incomplete fix for CVE-2017-14152 not applied)
 CVE-2017-14152 (A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ...)
 	- openjpeg2 <unfixed> (bug #874431)
@@ -88,7 +94,7 @@
 CVE-2017-14138 (ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in ...)
 	- imagemagick <unfixed> (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/639
-CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has a issue where ...)
+CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue ...)
 	- imagemagick <unfixed> (low)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/641
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb63560ba25e4a6c51ab282538c24877fff7d471

More information about the Secure-testing-commits mailing list