[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process three imagemagick issues

Salvatore Bonaccorso carnil at debian.org
Tue Mar 20 11:12:50 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32b4dc81 by Salvatore Bonaccorso at 2018-03-20T12:12:28+01:00
Process three imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3340,7 +3340,7 @@ CVE-2018-7472 (INVT Studio 1.2 allows remote attackers to cause a denial of serv
 CVE-2018-7471 (KingView 7.5SP1 has an integer overflow during stgopenstorage API read ...)
 	NOT-FOR-US: KingView
 CVE-2018-7470 (An issue was discovered in ImageMagick 7.0.7-22 Q16. The ...)
-	- imagemagick <unfixed> (unimportant; bug #891420)
+	- imagemagick 8:6.9.9.39+dfsg-1 (unimportant; bug #891420)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/998
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e80713e5132a3bd26702ee0a833306f7e801469
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8130e12eb30685ef958f4e62fe624da393920be7
@@ -3435,7 +3435,7 @@ CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the ...)
 	NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
 CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 ...)
 	{DLA-1293-1}
-	- imagemagick <unfixed> (low; bug #891291)
+	- imagemagick 8:6.9.9.39+dfsg-1 (low; bug #891291)
 	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/999
@@ -13974,7 +13974,7 @@ CVE-2017-17881 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was fou
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ece953bbe14e8514afc23e05e4030eea872e29da
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/aa601d79a630f6de0694fadbeee31456a357fa73
 CVE-2017-17880 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based ...)
-	- imagemagick <unfixed> (unimportant)
+	- imagemagick 8:6.9.9.39+dfsg-1 (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/907
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b5d1edb02c432040e3ff894d0c461bcce6fd2c9
 	NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/663b3b432c202cd2aeda7ea7e82b74cce51ab1cf



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/32b4dc814c2d943d71b318e6a58dedb0c274dd87

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/32b4dc814c2d943d71b318e6a58dedb0c274dd87
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180320/53392387/attachment.html>

More information about the Secure-testing-commits mailing list