[Secure-testing-commits] r55707 - in data: . CVE

Tue Sep 12 21:16:58 UTC 2017

Author: jmm
Date: 2017-09-12 21:16:58 +0000 (Tue, 12 Sep 2017)
New Revision: 55707

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
xen DSA released
new imagemagick issues


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-09-12 21:14:25 UTC (rev 55706)
+++ data/CVE/list	2017-09-12 21:16:58 UTC (rev 55707)
@@ -7,11 +7,15 @@
 CVE-2017-14344 (This vulnerability allows local attackers to escalate privileges on ...)
 	NOT-FOR-US: Jungo WinDriver
 CVE-2017-14343 (ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in ...)
-	TODO: check
+	- imagemagick <unfixed> (unimportant)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/649
 CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ...)
-	TODO: check
+	- imagemagick <unfixed> (unimportant)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/650
 CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in ...)
-	TODO: check
+	- imagemagick <unfixed> (low)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/654
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
 CVE-2017-14348 (LibRaw before 0.18.4 has a heap-based Buffer Overflow in the ...)
 	- libraw <unfixed>
 	NOTE: https://github.com/LibRaw/LibRaw/issues/100

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2017-09-12 21:14:25 UTC (rev 55706)
+++ data/dsa-needed.txt	2017-09-12 21:16:58 UTC (rev 55707)
@@ -104,7 +104,5 @@
 wordpress-shibboleth
   Dom preparing an update
 --
-xen (jmm)
---
 zendframework/oldstable
 --


