[Secure-testing-commits] r55989 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 22 04:30:09 UTC 2017
Author: carnil
Date: 2017-09-22 04:30:09 +0000 (Fri, 22 Sep 2017)
New Revision: 55989
Modified:
data/CVE/list
Log:
Add one graphicsmagick issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-22 04:29:52 UTC (rev 55988)
+++ data/CVE/list 2017-09-22 04:30:09 UTC (rev 55989)
@@ -7,7 +7,10 @@
CVE-2017-14651 (WSO2 Data Analytics Server 3.1.0 has XSS in ...)
TODO: check
CVE-2017-14649 (ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does ...)
- TODO: check
+ - graphicsmagick <unfixed>
+ NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/358608a46f0a
+ NOTE: https://blogs.gentoo.org/ago/2017/09/19/graphicsmagick-assertion-failure-in-pixel_cache-c/
+ NOTE: https://sourceforge.net/p/graphicsmagick/bugs/439/
CVE-2017-14648 (A global buffer overflow was discovered in the iteration_loop function ...)
TODO: check
CVE-2017-14647 (A heap-based buffer overflow was discovered in ...)
More information about the Secure-testing-commits
mailing list