[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] The CVE was marked as no-dsa for Debian Security and there is no reason to…

[Ola Lundqvist]

Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c752837 by Ola Lundqvist at 2018-04-09T21:08:12+02:00
The CVE was marked as no-dsa for Debian Security and there is no reason to believe why wheezy should be treated differently. Therefore marking as ignored and removing the package from dla-needed.txt.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1652,6 +1652,7 @@ CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLab
 	- imagemagick <unfixed> (low; bug #894848)
 	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <ignored> (Minor issue)
+	[wheezy] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1072
 	NOTE: IM6: https://github.com/ImageMagick/ImageMagick/commit/089fca04e0130549fa15f48ace3f56e30a06049a
 	NOTE: IM7: https://github.com/ImageMagick/ImageMagick/commit/19b96ba61431914e2ac316b72c0789965f2b7c09
@@ -1905,6 +1906,7 @@ CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The MogrifyImageLi
 	- imagemagick <unfixed> (low)
 	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <ignored> (Minor issue)
+	[wheezy] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/802
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db
@@ -2063,6 +2065,7 @@ CVE-2018-8960 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-
 	- imagemagick 8:6.9.9.39+dfsg-1 (low)
 	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <ignored> (Minor issue)
+	[wheezy] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1020
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/23f6beef78cfe806cabc090a015e73557d60788e
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7c0b29f621ebcce1a35c0e6c1992c9043b3bb1bd
@@ -2478,6 +2481,7 @@ CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows 
 	- imagemagick 8:6.9.9.39+dfsg-1 (low)
 	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <ignored> (Minor issue)
+	[wheezy] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -36,8 +36,6 @@ gcc-4.7 (Roberto C. Sánchez)
   NOTE: Backport the retpoline support for spectre mitigation.
   NOTE: Do we want/need it on this gcc version as well?
 --
-imagemagick
---
 jruby
 --
 krb5



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7528370d8d96d82ec9f1dadbcf5b49c52d2b64

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7528370d8d96d82ec9f1dadbcf5b49c52d2b64
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180409/0fd7f7c4/attachment.html>