[Git][security-tracker-team/security-tracker][master] Record CVE fixes for imagemagick issues

Salvatore Bonaccorso carnil at debian.org
Mon Jul 30 14:57:41 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99cf81b1 by Salvatore Bonaccorso at 2018-07-30T13:57:17Z
Record CVE fixes for imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -501,7 +501,7 @@ CVE-2016-10728 (An issue was discovered in Suricata before 3.1.2. If an ICMPv4 e
 CVE-2018-14552
 	RESERVED
 CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses ...)
-	- imagemagick <unfixed> (bug #904713)
+	- imagemagick 8:6.9.10.8+dfsg-1 (bug #904713)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1221
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/389ecc365a7c61404ba078a72c3fa5a3cf1b4101
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/db7a4be592328af06d776ce3bab24b8c6de5be20
@@ -770,22 +770,22 @@ CVE-2018-14438 (In Wireshark through 2.6.2, the create_app_running_mutex functio
 	- wireshark <not-affected> (Problem with SetSecurityDescriptorDacl() is Windows specific issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14921
 CVE-2018-14437 (ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1190
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/082223fb992448dbb574747deac9a30f986c116e
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/0812674565df667b1b3e4122ad259096de311c6c
 CVE-2018-14436 (ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1191
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b352c0be410ad900469a079e389178f878aded8
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ae3eecad2f59e27123c1a6c891be75d06fc03656
 CVE-2018-14435 (ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1193
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/957b6397b958a5881005df27eb97319b3175a3c9
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e8f4f5e776002aa6ed490d7c6f65e10fa67359dd
 CVE-2018-14434 (ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1192
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/98a2cceae0dceccbfe54051167c2c80be1f13c3f
 CVE-2018-14433
@@ -3729,7 +3729,7 @@ CVE-2018-13155 (The mintToken function of a smart contract implementation for GE
 CVE-2018-13154
 	RESERVED
 CVE-2018-13153 (In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1195
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ab4849d667e26df0e63ece9d63ae23bc7ab0fa1
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6ce6d25b47caf9b6b2979a510b6202ce0f3dd2d4
@@ -14160,7 +14160,7 @@ CVE-2018-9137 (Open-AudIT before 2.2 has CSV Injection. ...)
 CVE-2018-9136 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...)
 	NOT-FOR-US: Jungo
 CVE-2018-9135 (In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1009
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/361ed689cc8e56fd125f9d0d6508e9eb303bdca6
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4f7196b0b7539b113f2580b6a77aa496813d8899



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99cf81b17f957d5e0d76023775ade6552fc5d23c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99cf81b17f957d5e0d76023775ade6552fc5d23c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180730/aa104c1c/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list