[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1802{3,4,5}/imagemagick

Salvatore Bonaccorso carnil at debian.org
Mon Oct 8 06:36:30 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
92fbf1b4 by Salvatore Bonaccorso at 2018-10-08T05:35:51Z
Add CVE-2018-1802{3,4,5}/imagemagick

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,18 @@
 CVE-2018-18026
 	RESERVED
 CVE-2018-18025 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1335
 CVE-2018-18024 (In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1337
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/948f1c86d649a29df08a38d2ff8b91cdf3e92b82
+	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/b268ce7a59440972f4476b9fd98104b6a836d971
 CVE-2018-18023 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1336
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/5d71e23b853461dd3628cd1218834fcf13938365
+	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a5db4873626f702d2ddd8bc293573493e0a412c0
 CVE-2018-18022
 	RESERVED
 CVE-2012-6710 (ext_find_user in eXtplorer through 2.1.2 allows remote attackers to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92fbf1b48d3ea011a4cbe6d5fa4a648d160ae2e2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92fbf1b48d3ea011a4cbe6d5fa4a648d160ae2e2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181008/f092325c/attachment.html>

More information about the debian-security-tracker-commits mailing list