[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-10177,imagemagick: Mark as no-dsa for Wheezy. Minor issue.

Markus Koschany apo at debian.org
Sun May 6 19:15:08 BST 2018 

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0f1bbb9 by Markus Koschany at 2018-05-06T20:13:47+02:00
CVE-2018-10177,imagemagick: Mark as no-dsa for Wheezy. Minor issue.

- - - - -
1f1d6e2f by Markus Koschany at 2018-05-06T20:14:26+02:00
Remove imagemagick from dla-needed.txt. Security update for Jessie was sent to

the security team.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1411,6 +1411,7 @@ CVE-2018-10177 (In ImageMagick 7.0.7-28, there is an infinite loop in the ...)
 	- imagemagick <unfixed> (bug #896018)
 	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <ignored> (Minor issue)
+	[wheezy] - imagemagick <ignored> (Minor issue)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1095
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/9fdda6391e38aaad3bfd6a30bd6a72bd31aeee02
 CVE-2018-10176 (Digital Guardian Management Console 7.1.2.0015 has a Directory ...)


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -27,10 +27,6 @@ glusterfs
   NOTE: 20180419: Maintainer not contacted yet because issue is too new. Patch
   NOTE: does not apply cleanly in Wheezy. (apo)
 --
-imagemagick (Markus Koschany)
-  NOTE: 20180417: Maybe wait for more issues or fix some no-dsa bugs or invest
-  NOTE: the time to get Jessie into shape. (apo)
---
 krb5 (Thorsten Alteholz)
   NOTE: 20180131: lts-do-not-call
   NOTE: 20180411: Details not public yet. Security team in contact with  upstream. (anarcat)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/bf5656e8048611cc1e0f2fdf4e9414da52bc92cb...1f1d6e2fe9e81925ffce7b747aeab21ce55cf63f

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/bf5656e8048611cc1e0f2fdf4e9414da52bc92cb...1f1d6e2fe9e81925ffce7b747aeab21ce55cf63f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180506/5bf1b5ad/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list