subject:"\[Git\]\[security\-tracker\-team\/security\-tracker\]\[master\] 2 commits\: Triage imagemagick for Jessie."

[Git][security-tracker-team/security-tracker][master] 2 commits: Triage imagemagick for Jessie. Remove no-dsa/ignored tags for upcoming DLA

2019-05-13 Thread Markus Koschany



Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb266560 by Markus Koschany at 2019-05-13T17:55:32Z
Triage imagemagick for Jessie. Remove no-dsa/ignored tags for upcoming DLA

- - - - -
14ba241c by Markus Koschany at 2019-05-13T17:55:32Z
Reserve DLA-1785-1 for imagemagick

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=
data/CVE/list
=
@@ -53310,7 +53310,6 @@ CVE-2017-18273 (In ImageMagick 7.0.7-16 Q16 x86_64 
2017-12-22, an infinite loop
{DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/910
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/b8fcb59e9e1d1189caf2e0f5e39346944dcd6b9d
 CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a 
use-after-fr ...)
@@ -53324,7 +53323,6 @@ CVE-2017-18271 (In ImageMagick 7.0.7-16 Q16 x86_64 
2017-12-22, an infinite loop
{DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/911
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/7523250e2664028aa1d8f02d2d7ae49c769a851e
 CVE-2017-18269 (An SSE2-optimized memmove implementation for i386 in 
sysdeps/i386/i686 ...)
@@ -71658,7 +71656,6 @@ CVE-2017-1000476 (ImageMagick 7.0.7-12 Q16, a CPU 
exhaustion vulnerability was f
{DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/867
NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/e5dae180b9236bccd73ce93bfce81e99232a8533
 CVE-2017-1000473 (Linux Dash up to version v2 is vulnerable to multiple 
command injectio ...)
@@ -74145,7 +74142,6 @@ CVE-2017-1000445 (ImageMagick 7.0.7-1 and older version 
are vulnerable to null p
{DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886281)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/775
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/441fde32557eb3cec573b0f877ac324173feed7f
NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/839a14e43d0c88db7b3fffe8aa4ec57d80c93623
@@ -75031,7 +75027,6 @@ CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a 
vulnerability was found in the fu
{DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886584)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/908
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b
NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046
@@ -80839,7 +80834,6 @@ CVE-2017-17682 (In ImageMagick 7.0.7-12 Q16, a large 
loop vulnerability was foun
{DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #885942)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/870
NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/da649f031e36753c69268c5c027e695b8ae45e9a
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/06c8dd4de59e48d282d4f224faa64ab9012a711a
@@ -91269,7 +91263,6 @@ CVE-2017-15281 (ReadPSDImage in coders/psd.c in 
ImageMagick 7.0.7-6 allows remot
{DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878579)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/832
NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/e9d1c2adae866861a291535997b2263f26becb1e
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/32cbfc57962321b2ead627129c9d9ffbfcdb
@@ -92235,7 +92228,6 @@ CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL 
pointer dereference vulnerabi
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878554)
[stretch] - imagemagick  (Minor issue)
-   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/723
NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/5a1006a249516a875558c3d642e719b1eac8f820
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/0cff8bac0a47f8693cfe57f026fcd752689ff375
@@ -92249,7 +922

[Git][security-tracker-team/security-tracker][master] 2 commits: Triage imagemagick for Jessie.

2018-10-14 Thread Markus Koschany

Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b48aa5dc by Markus Koschany at 2018-10-14T19:55:05Z
Triage imagemagick for Jessie.

- - - - -
2a1a767f by Markus Koschany at 2018-10-14T19:55:29Z
Merge branch 'master' of 
salsa.debian.org:security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -764,12 +764,14 @@ CVE-2018-18025 (In ImageMagick 7.0.8-13 Q16, there is a 
heap-based buffer over-r
 CVE-2018-18024 (In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the 
...)
- imagemagick  (low)
[stretch] - imagemagick  (Minor issue)
+   [jessie] - imagemagick  (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1337
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/948f1c86d649a29df08a38d2ff8b91cdf3e92b82
NOTE: ImageMagick6: 
https://github.com/ImageMagick/ImageMagick6/commit/b268ce7a59440972f4476b9fd98104b6a836d971
 CVE-2018-18023 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer 
over-read in ...)
- imagemagick 
[stretch] - imagemagick  (Vulnerable code not present)
+   [jessie] - imagemagick  (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1336
NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/5d71e23b853461dd3628cd1218834fcf13938365
NOTE: ImageMagick6: 
https://github.com/ImageMagick/ImageMagick6/commit/a5db4873626f702d2ddd8bc293573493e0a412c0



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/6526309ed859686fa19469392830f0221460c96b...2a1a767fc6ea89ff867fff49d5dca3f676258c11

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/6526309ed859686fa19469392830f0221460c96b...2a1a767fc6ea89ff867fff49d5dca3f676258c11
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Triage imagemagick for Jessie. Remove no-dsa/ignored tags for upcoming DLA

[Git][security-tracker-team/security-tracker][master] 2 commits: Triage imagemagick for Jessie.

2 matches

Site Navigation

Mail list logo

Footer information