Author: sectracker
Date: 2016-10-10 21:10:11 +0000 (Mon, 10 Oct 2016)
New Revision: 45195
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-10 20:58:28 UTC (rev 45194)
+++ data/CVE/list 2016-10-10 21:10:11 UTC (rev 45195)
@@ -2298,6 +2298,7 @@
RESERVED
CVE-2016-7800
RESERVED
+ {DLA-651-1}
- graphicsmagick 1.3.25-3
NOTE:
https://sourceforge.net/p/graphicsmagick/code/ci/5c7b6d6094a25e99c57f8b18343914ebfd8213ef/
CVE-2016-7799 [mogrify global buffer overflow]
@@ -3046,6 +3047,7 @@
NOTE:
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ac8ac46641adef208485baebc3734463bf0bd266
(n3.1.4)
CVE-2016-7449 [all TIFF related problems due to use of strlcpy use]
RESERVED
+ {DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: The scope of the CVE is for all of these reported TIFF problems.
NOTE: The ultimate vulnerability was use of:
@@ -3063,10 +3065,12 @@
NOTE: Fixed by
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d972c761b55d
CVE-2016-7447 [heap overflow of the EscapeParenthesis() function]
RESERVED
+ {DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d580e3c3c034
CVE-2016-7446 [heap buffer overflow issue in MVG/SVG rendering]
RESERVED
+ {DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: For the http://www.graphicsmagick.org/NEWS.html#september-5-2016
case
NOTE: which remained present in the 1.3.24 release (and was not fixed
until 1.3.25)
@@ -10317,7 +10321,7 @@
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
CVE-2016-5257 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- {DSA-3674-1 DLA-636-1}
+ {DSA-3690-1 DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
- icedove 1:45.4.0-1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
