[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8804/imagemagick
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 20 09:21:43 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8a347db7 by Salvatore Bonaccorso at 2018-03-20T10:21:16+01:00
Add CVE-2018-8804/imagemagick
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -33,7 +33,10 @@ CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...)
CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...)
TODO: check
CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...)
- TODO: check
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b
+ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025
CVE-2018-8803
RESERVED
CVE-2018-8802
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8a347db7b4cc24f778bf327292e1e864b4b0dd6a
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8a347db7b4cc24f778bf327292e1e864b4b0dd6a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180320/513ea1e0/attachment.html>
More information about the Secure-testing-commits
mailing list