[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process three imagemagick issues

Tue, 20 Mar 2018 04:13:31 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
32b4dc81 by Salvatore Bonaccorso at 2018-03-20T12:12:28+01:00
Process three imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3340,7 +3340,7 @@ CVE-2018-7472 (INVT Studio 1.2 allows remote attackers to 
cause a denial of serv
 CVE-2018-7471 (KingView 7.5SP1 has an integer overflow during stgopenstorage 
API read ...)
        NOT-FOR-US: KingView
 CVE-2018-7470 (An issue was discovered in ImageMagick 7.0.7-22 Q16. The ...)
-       - imagemagick <unfixed> (unimportant; bug #891420)
+       - imagemagick 8:6.9.9.39+dfsg-1 (unimportant; bug #891420)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/998
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/9e80713e5132a3bd26702ee0a833306f7e801469
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/8130e12eb30685ef958f4e62fe624da393920be7
@@ -3435,7 +3435,7 @@ CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph 
before 3.7.6, the ...)
        NOTE: 
https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
 CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 
7.0.7-23 Q16 ...)
        {DLA-1293-1}
-       - imagemagick <unfixed> (low; bug #891291)
+       - imagemagick 8:6.9.9.39+dfsg-1 (low; bug #891291)
        [stretch] - imagemagick <ignored> (Minor issue)
        [jessie] - imagemagick <ignored> (Minor issue)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/999
@@ -13974,7 +13974,7 @@ CVE-2017-17881 (In ImageMagick 7.0.7-12 Q16, a memory 
leak vulnerability was fou
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/ece953bbe14e8514afc23e05e4030eea872e29da
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/aa601d79a630f6de0694fadbeee31456a357fa73
 CVE-2017-17880 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a 
stack-based ...)
-       - imagemagick <unfixed> (unimportant)
+       - imagemagick 8:6.9.9.39+dfsg-1 (unimportant)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/907
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/4b5d1edb02c432040e3ff894d0c461bcce6fd2c9
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/663b3b432c202cd2aeda7ea7e82b74cce51ab1cf



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/32b4dc814c2d943d71b318e6a58dedb0c274dd87

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/32b4dc814c2d943d71b318e6a58dedb0c274dd87
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to