[Secure-testing-commits] r55728 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Sep 13 09:24:15 UTC 2017
Author: jmm
Date: 2017-09-13 09:24:15 +0000 (Wed, 13 Sep 2017)
New Revision: 55728
Modified:
data/CVE/list
Log:
new im issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-13 09:21:17 UTC (rev 55727)
+++ data/CVE/list 2017-09-13 09:24:15 UTC (rev 55728)
@@ -23,7 +23,10 @@
CVE-2017-14401 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in ...)
- TODO: check
+ - imagemagick <unfixed> (low)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/746
+ NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/04b863f15effa4375e4ee42f413f0246062b48af
+ NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/44a55580ac8c01d8cff1e6e0063820af113f8591
CVE-2017-14399 (In BlackCat CMS 1.2.2, unrestricted file upload is possible in ...)
NOT-FOR-US: BlackCat CMS
CVE-2017-14398 (rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and ...)
More information about the Secure-testing-commits
mailing list