[Git][security-tracker-team/security-tracker][master] imagemagick update

Moritz Muehlenhoff jmm at debian.org
Tue Dec 18 19:17:54 GMT 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a9c9441c by Moritz Muehlenhoff at 2018-12-18T19:17:12Z
imagemagick update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16525,6 +16525,7 @@ CVE-2018-16324 (In IceWarp Server 12.0.3.1 and before, there is XSS in the /webm
 	NOT-FOR-US: IceWarp Server
 CVE-2018-16323 (ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data ...)
 	- imagemagick 8:6.9.10.14+dfsg-1 (bug #907776)
+	[stretch] - imagemagick <not-affected> (Introduced by b8c63b156bf26b52e710b1a0643c846a6cd01e56 which wasn't backported to stretch)
 	[jessie] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/57565dace66d550042522e203f522da711d551a6
@@ -21033,6 +21034,7 @@ CVE-2018-14552
 	RESERVED
 CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses ...)
 	- imagemagick 8:6.9.10.8+dfsg-1 (bug #904713)
+	[stretch] - imagemagick <postponed> (Can be fixed along in a future DSA)
 	[jessie] - imagemagick <not-affected> (vulnerable code not present)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1221
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/389ecc365a7c61404ba078a72c3fa5a3cf1b4101



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9c9441c9c9eba62a4cd843408fd975ad2d4590a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9c9441c9c9eba62a4cd843408fd975ad2d4590a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181218/3f34513e/attachment.html>

More information about the debian-security-tracker-commits mailing list