[Git][security-tracker-team/security-tracker][master] CVE-2019-13306/imagemagick: update commit links

[Hugo Lefeuvre]

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
36f1a4e7 by Hugo Lefeuvre at 2019-08-09T09:09:56Z
CVE-2019-13306/imagemagick: update commit links

Reverting cb5ec7d was intentional, the CVE-2019-13305 fix appears to also
be the fix for CVE-2019-13306.

More information on the Debian bug report: #931449

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5116,8 +5116,10 @@ CVE-2019-13307 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at Mag
 CVE-2019-13306 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/p ...)
 	- imagemagick <unfixed> (bug #931449)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1612
+	NOTE: initial fix:
 	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa
-	NOTE: this patch is reverted by the patch for CVE-2019-13305.
+	NOTE: later reverted by the CVE-2019-13305 fix which is the right one:
+	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d
 CVE-2019-13305 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/p ...)
 	- imagemagick <unfixed> (bug #931452)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1613



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/36f1a4e72c24808b921c1a28e01e25fd7783d5a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/36f1a4e72c24808b921c1a28e01e25fd7783d5a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190809/f02cf7d1/attachment.html>