[Git][security-tracker-team/security-tracker][master] Add CVE-2019-739{5,6,7,8}/imagemagick

Salvatore Bonaccorso carnil at debian.org
Tue Feb 5 08:43:14 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86558167 by Salvatore Bonaccorso at 2019-02-05T08:42:17Z
Add CVE-2019-739{5,6,7,8}/imagemagick

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,13 +3,20 @@ CVE-2019-7400 (Rukovoditel before 2.4.1 allows XSS. ...)
 CVE-2019-7399
 	RESERVED
 CVE-2019-7398 (In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage ...)
-	TODO: check
+	- imagemagick <unfixed> (unimportant)
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1453
 CVE-2019-7397 (In ImageMagick before 7.0.8-25, several memory leaks exist in ...)
-	TODO: check
+	- imagemagick <unfixed> (unimportant)
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1454
 CVE-2019-7396 (In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage ...)
-	TODO: check
+	- imagemagick <unfixed> (unimportant)
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1452
 CVE-2019-7395 (In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel ...)
-	TODO: check
+	- imagemagick <unfixed> (unimportant)
+	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1451
 CVE-2019-7394
 	RESERVED
 CVE-2019-7393



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/865581675501ce2a57583ec41d3de9f7958a5bf1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/865581675501ce2a57583ec41d3de9f7958a5bf1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190205/491c112b/attachment.html>

More information about the debian-security-tracker-commits mailing list