[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new imagemagick issue

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5169697c by Moritz Muehlenhoff at 2018-04-01T15:03:40+02:00
new imagemagick issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -79,7 +79,12 @@ CVE-2018-9135 (In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-re
 CVE-2018-9134 (file_manage_control.php in DedeCMS 5.7 has CSRF in an fmdo=rename ...)
 	NOT-FOR-US: DedeCMS
 CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage ...)
-	TODO: check
+	- imagemagick <unfixed> (low)
+	[stretch] - imagemagick <ignored> (Minor issue)
+	[jessie] - imagemagick <ignored> (Minor issue)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1072
+	NOTE: IM6: https://github.com/ImageMagick/ImageMagick/commit/089fca04e0130549fa15f48ace3f56e30a06049a
+	NOTE: IM7: https://github.com/ImageMagick/ImageMagick/commit/19b96ba61431914e2ac316b72c0789965f2b7c09
 CVE-2018-9132 (libming 0.4.8 has a NULL pointer dereference in the getInt function of ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/133



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5169697ca697877d86f84cce53beeb94aa27ef48

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5169697ca697877d86f84cce53beeb94aa27ef48
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180401/a3fc22c1/attachment-0001.html>