[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-27766/imagemagick: reference fix, stretch triage
Sylvain Beucler
beuc at debian.org
Wed Dec 2 17:07:24 GMT 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5af268f0 by Sylvain Beucler at 2020-12-02T18:02:22+01:00
CVE-2020-27766/imagemagick: reference fix, stretch triage
- - - - -
4df4e396 by Sylvain Beucler at 2020-12-02T18:03:26+01:00
imagemagick: stretch triage
CVE-2020-27774
CVE-2020-27770
CVE-2020-27751
clarifications
marked div0 issues as <postponed> rather than <ignored>
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6481,7 +6481,7 @@ CVE-2020-27775
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1737
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a2166bfb1049bac4c0f7b8b5d3ef86a1f48470b2
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/78d9987ae80a95865c9f139afde0dcf3fd832ddc
@@ -6489,6 +6489,7 @@ CVE-2020-27774
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN shift exponent warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1743
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/29cee9152d1b5487cfd19443ca48935eea0cabe2
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/052175e4b190598141fbcc64641cd5ee4db3602d
@@ -6496,7 +6497,7 @@ CVE-2020-27773
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, DoS/div0 while package is mainly CLI)
+ [stretch] - imagemagick <postponed> (Minor issue, DoS/div0 while package is mainly CLI)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1739
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/3d71aa8265ffaaf686021a6fbd54c037f71ee3a2
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/be6ffd9f283c2681d74469db8b000701665cf034
@@ -6504,7 +6505,7 @@ CVE-2020-27772
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1749
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a1142af44f61c038ad3eccc099c5b9548b507846
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/7f819ef8855608d9cb1ded5e4f30cdfff1da7c11
@@ -6512,7 +6513,7 @@ CVE-2020-27771
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1753
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/872ffe6d0131beec8b47568a4874ffaca91a872e
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/9dd1c7e1f8f6c137bfd3293be2554f59456c7b62
@@ -6521,6 +6522,7 @@ CVE-2020-27770
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN offset overflowed warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1721
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/be90a5395695f0d19479a5d46b06c678be7f7927
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c01495f91ac71c5205f52713430b68e80d851149
@@ -6528,7 +6530,7 @@ CVE-2020-27769
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1740
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/7b058696133c6d36e0b48a454e357482db71982e
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/7661113a654c9c822c23a8fb8aa1b021fc7fbe9d
@@ -6536,7 +6538,7 @@ CVE-2020-27768
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1751
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/95d4e94e0353e503b71a53f5e6fad173c7c70c90
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/8c6e86f81968fab1710317d87b00c608108e6a2a
@@ -6544,19 +6546,21 @@ CVE-2020-27767
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1741
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/564f2a35e523e2b6cce9485018157f03ec05a947
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c2f66e7fc9189a652f77a021bd047c4146d634d1
CVE-2020-27766
RESERVED
- imagemagick <undetermined>
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1734
+ NOTE: Same fix as CVE-2020-27774
CVE-2020-27765
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, DoS/div0 while package is mainly CLI)
+ [stretch] - imagemagick <postponed> (Minor issue, DoS/div0 while package is mainly CLI)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1730
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a4c89f2a61069ad7637bc7749cc1a839de442526
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4321934be544bc2888c6799fd6b50d8188a3d832
@@ -6564,14 +6568,14 @@ CVE-2020-27764
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1735
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5
CVE-2020-27763
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, DoS/div0 while package is mainly CLI)
+ [stretch] - imagemagick <postponed> (Minor issue, DoS/div0 while package is mainly CLI)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1718
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/43539e67a47d2f8de832d33a5b26dc2a7a12294f
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/cc0944d57f846c839905d573503ab055b34090e4
@@ -6579,7 +6583,7 @@ CVE-2020-27762
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1713
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/7db3fa20893d557259da6e99e111954de83d2495
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3e10f7c3c9f0394dfd6ebd372bc34a172dabc8ff
@@ -6587,7 +6591,7 @@ CVE-2020-27761
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1726
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/db5e12e24f1378ce8c93a5c35991dcdd23a67bb0
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/14c90fb315eb3666a4cf6d784cbde74c69c934ec
@@ -6595,7 +6599,7 @@ CVE-2020-27760
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, DoS/div0 while package is mainly CLI)
+ [stretch] - imagemagick <postponed> (Minor issue, DoS/div0 while package is mainly CLI)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1717
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/c5fcdea6a6ae27cf3db20c28b176e87b1a584e06
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/83cd04f580ccf4cc194813777c1fcfba78e602aa
@@ -6603,7 +6607,7 @@ CVE-2020-27759
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1720
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/d44f8a35558951a21367d306a42e5a097f3a43fe
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/460dea07066e2001bc4671fcd8d53233f0fc29b3
@@ -6611,7 +6615,7 @@ CVE-2020-27758
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1719
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f0a8d407b2801174fd8923941a9e7822f7f9a506
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e5e15b4456c825f78554e2ef1cc6344fa1218448
@@ -6619,7 +6623,7 @@ CVE-2020-27757
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1712
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/e88532bd4418e95b70cbc415fe911d22ab27a5fd
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ded073520c133421f842160d3a9e207788f55a90
@@ -6627,7 +6631,7 @@ CVE-2020-27756
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, DoS/div0 while package is mainly CLI)
+ [stretch] - imagemagick <postponed> (Minor issue, DoS/div0 while package is mainly CLI)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1725
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f35eca82b0c294ff9d0ccad104a881c3ae2ba913
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/d3d96f05950275b916207bf9df03640ef3e9fd6e
@@ -6641,7 +6645,7 @@ CVE-2020-27754
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1754
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick6/commit/d5df600d43c8706df513a3273d09aee6f54a9233
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/d5df600d43c8706df513a3273d09aee6f54a9233
@@ -6660,6 +6664,7 @@ CVE-2020-27751
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN shift exponent warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1727
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f60d59cc3a7e3402d403361e0985ffa56f746a82
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/879bb6a13ece5508cd983bc3d64ced23900b60ee
@@ -6667,7 +6672,7 @@ CVE-2020-27750
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, DoS/div0 while package is mainly CLI)
+ [stretch] - imagemagick <postponed> (Minor issue, DoS/div0 while package is mainly CLI)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1711
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a81ca9a1b46a96be83682af3389f0a6f3d0d389d
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f
@@ -11730,7 +11735,7 @@ CVE-2020-25677
CVE-2020-25676
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1732
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/406da3af9e09649cda152663c179902edf5ab3ac
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/94aeb3c40d25aee1051ba8eb3a31601558ef2506
@@ -11738,7 +11743,7 @@ CVE-2020-25675
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1731
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/64dc80b2e1907f7f20bf34d4df9483f938b0de71
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6b169173585127299f4724f7880b575879c7f033
@@ -11783,7 +11788,7 @@ CVE-2020-25666
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
- [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range)
+ [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1750
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/94691f00839dbdf43edb1508af945ab19b388573
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/91ae12c57f3b9b23f2072462c27a8378b59f395e
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/95905150fe261a0fe539453640cc81a04cc7d931...4df4e396a7747482af3fb2c4f335e2a6daedea49
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/95905150fe261a0fe539453640cc81a04cc7d931...4df4e396a7747482af3fb2c4f335e2a6daedea49
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201202/099cbb6d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list