[Git][security-tracker-team/security-tracker][master] Add CVE-2019-15139/imagemagick
Salvatore Bonaccorso
carnil at debian.org
Thu Oct 3 16:38:40 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4c143a09 by Salvatore Bonaccorso at 2019-10-03T15:35:27Z
Add CVE-2019-15139/imagemagick
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5362,7 +5362,10 @@ CVE-2019-15141 (WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allo
CVE-2019-15140 (coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to ca ...)
TODO: check
CVE-2019-15139 (The XWD image (X Window System window dumping file) parsing component ...)
- TODO: check
+ - imagemagick <unfixed>
+ NOTE: https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7
+ NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6d46f0a046a58e7c4567a86ba1b9cb847d5b1968
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/1553
CVE-2019-15138 (The html-pdf package 2.2.0 for Node.js has an arbitrary file read vuln ...)
NOT-FOR-US: node html-pdf
CVE-2019-15137 (The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows f ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4c143a09790a301db528a6a79af21f27dfcc6966
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4c143a09790a301db528a6a79af21f27dfcc6966
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191003/da05f30f/attachment.html>
More information about the debian-security-tracker-commits
mailing list