[Git][security-tracker-team/security-tracker][master] Add CVE-2019-11470/imagemagick

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4f0330c0 by Salvatore Bonaccorso at 2019-04-23T20:51:28Z
Add CVE-2019-11470/imagemagick

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,9 @@ CVE-2019-11471 (libheif 1.4.0 has a use-after-free in 
heif::HeifContext::Image::
        NOTE: 
https://github.com/strukturag/libheif/commit/995a4283d8ed2d0d2c1ceb1a577b993df2f0e014
        NOTE: https://github.com/strukturag/libheif/issues/123
 CVE-2019-11470 (The cineon parsing component in ImageMagick 7.0.8-26 Q16 
allows attack ...)
-       TODO: check
+       - imagemagick <unfixed>
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472
+       NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0
 CVE-2018-20822 (LibSass 3.5.4 allows attackers to cause a denial-of-service 
(uncontrol ...)
        TODO: check
 CVE-2018-20821 (The parsing component in LibSass through 3.5.5 allows 
attackers to cau ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4f0330c040ab4fedd9035baa8c5c4782a6464d6d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4f0330c040ab4fedd9035baa8c5c4782a6464d6d
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits