[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two imagemagick issues

Salvatore Bonaccorso carnil at debian.org
Tue Jan 12 05:22:16 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0017dca0 by Salvatore Bonaccorso at 2021-01-12T06:20:09+01:00
Track fixed version via unstable for two imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11920,7 +11920,7 @@ CVE-2020-29600 (In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an ab
 	NOTE: https://github.com/eldy/awstats/issues/90
 	NOTE: https://github.com/eldy/awstats/commit/d4d815d0caae3dbae83ac70a1ae4581bd57cf376
 CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the - ...)
-	- imagemagick <unfixed> (bug #977205)
+	- imagemagick 8:6.9.11.57+dfsg-1 (bug #977205)
 	NOTE: https://github.com/ImageMagick/ImageMagick/discussions/2851
 	NOTE: https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a9e63436aa04c805fe3f9e2ed242dfa4621df823
@@ -20232,7 +20232,7 @@ CVE-2020-27562
 CVE-2020-27561
 	RESERVED
 CVE-2020-27560 (ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames i ...)
-	- imagemagick <unfixed> (bug #972797)
+	- imagemagick 8:6.9.11.57+dfsg-1 (bug #972797)
 	[buster] - imagemagick <ignored> (Minor issue)
 	[stretch] - imagemagick <no-dsa> (Minor issue)
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0017dca0967c4ee0386891b3a9422f9a55d41ffd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0017dca0967c4ee0386891b3a9422f9a55d41ffd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210112/f842601a/attachment.html>

More information about the debian-security-tracker-commits mailing list