[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18211/imagemagick

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2f05b8c3 by Salvatore Bonaccorso at 2018-03-01T22:30:01+01:00
Add CVE-2017-18211/imagemagick

The issue is first fixed in Debian with 8:6.9.9.34+dfsg-1 as uploaded to
experimental, and 8:6.9.9.34+dfsg-3 beeing the first version in unstable
containing the fix.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17,7 +17,10 @@ CVE-2018-7581
 CVE-2018-7580
 	RESERVED
 CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was ...)
-	TODO: check
+	- imagemagick 8:6.9.9.34+dfsg-3
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/792
+	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96c2fab85e1699c87080271254c5a01387805564
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/22eec833cd72b5abab2627fcacc27d2dfb6aa6e7
 CVE-2017-18210 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was ...)
 	TODO: check
 CVE-2017-18209 (In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f05b8c36d7da6b7d9822919501e44cb66a022fc

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f05b8c36d7da6b7d9822919501e44cb66a022fc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180301/ce86464a/attachment.html>