[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 20 16:42:37 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a02ac962 by Moritz Muehlenhoff at 2022-06-20T17:42:12+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15286,7 +15286,7 @@ CVE-2022-28464 (Apifox through 2.1.6 is vulnerable to Cross Site Scripting (XSS)
NOT-FOR-US: Apifox
CVE-2022-28463 (ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. ...)
{DLA-3007-1}
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <no-dsa> (Minor issue)
[buster] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f
@@ -16601,14 +16601,14 @@ CVE-2022-1116 (Integer Overflow or Wraparound vulnerability in io_uring of Linux
- linux <not-affected> (Vulnerable code not present; introduced in 5.4.24; fixed in 5.4.189)
CVE-2022-1115
RESERVED
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <no-dsa> (Minor issue)
[buster] - imagemagick <no-dsa> (Minor issue)
[stretch] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/4974
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51
CVE-2022-1114 (A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInf ...)
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <no-dsa> (Minor issue)
[buster] - imagemagick <no-dsa> (Minor issue)
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
@@ -24738,7 +24738,7 @@ CVE-2022-0613 (Authorization Bypass Through User-Controlled Key in NPM urijs pri
CVE-2021-4220
REJECTED
CVE-2021-4219 (A flaw was found in ImageMagick. The vulnerability occurs due to impro ...)
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <no-dsa> (Minor issue)
[buster] - imagemagick <no-dsa> (Minor issue)
[stretch] - imagemagick <postponed> (Minor issue, DoS)
@@ -106734,7 +106734,7 @@ CVE-2021-20314 (Stack buffer overflow in libspf2 versions below 1.2.11 when proc
CVE-2021-20313 (A flaw was found in ImageMagick in versions before 7.0.11. A potential ...)
{DLA-2672-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <no-dsa> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482
@@ -106742,7 +106742,7 @@ CVE-2021-20313 (A flaw was found in ImageMagick in versions before 7.0.11. A pot
CVE-2021-20312 (A flaw was found in ImageMagick in versions 7.0.11, where an integer o ...)
{DLA-2672-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482
@@ -106757,7 +106757,7 @@ CVE-2021-20310 (A flaw was found in ImageMagick in versions before 7.0.11, where
CVE-2021-20309 (A flaw was found in ImageMagick in versions before 7.0.11 and before 6 ...)
{DLA-2672-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/94174beff065cb5683d09d79e992c3ebbdead311
@@ -107053,7 +107053,7 @@ CVE-2021-20247 (A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations
CVE-2021-20246 (A flaw was found in ImageMagick in MagickCore/resample.c. An attacker ...)
{DLA-2602-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/3195
@@ -107062,7 +107062,7 @@ CVE-2021-20246 (A flaw was found in ImageMagick in MagickCore/resample.c. An att
CVE-2021-20245 (A flaw was found in ImageMagick in coders/webp.c. An attacker who subm ...)
{DLA-2672-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/3176
@@ -107071,7 +107071,7 @@ CVE-2021-20245 (A flaw was found in ImageMagick in coders/webp.c. An attacker wh
CVE-2021-20244 (A flaw was found in ImageMagick in MagickCore/visual-effects.c. An att ...)
{DLA-2602-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/3194
@@ -107080,7 +107080,7 @@ CVE-2021-20244 (A flaw was found in ImageMagick in MagickCore/visual-effects.c.
CVE-2021-20243 (A flaw was found in ImageMagick in MagickCore/resize.c. An attacker wh ...)
{DLA-2672-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/3193
@@ -107091,7 +107091,7 @@ CVE-2021-20242
CVE-2021-20241 (A flaw was found in ImageMagick in coders/jp2.c. An attacker who submi ...)
{DLA-2602-1}
[experimental] - imagemagick 8:6.9.12.20+dfsg1-1
- - imagemagick <unfixed>
+ - imagemagick <unfixed> (bug #1013282)
[bullseye] - imagemagick <ignored> (Minor issue)
[buster] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/3177
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a02ac962d4aca916f26d4446d5389bbb2557634b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a02ac962d4aca916f26d4446d5389bbb2557634b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220620/963ec294/attachment.htm>
More information about the debian-security-tracker-commits
mailing list