Author: sectracker
Date: 2016-12-27 09:10:12 +0000 (Tue, 27 Dec 2016)
New Revision: 47485
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-12-27 07:56:35 UTC (rev 47484) +++ data/CVE/list 2016-12-27 09:10:12 UTC (rev 47485) @@ -9214,18 +9214,21 @@ - tomcat6 6.0.41-3 NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie CVE-2016-10071 [mat file out of bound] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845246) NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366 NOTE: https://github.com/ImageMagick/ImageMagick/issues/131 NOTE: https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10070 [mat file out of bound] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845246) NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366 NOTE: https://github.com/ImageMagick/ImageMagick/issues/131 NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10069 [Add check for invalid mat file] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845244) NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 @@ -9251,6 +9254,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/174de08d7c81ce147689f3b1c73fadd6bf1c023c NOTE: https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99 (master) CVE-2016-10068 [Prevent fault in MSL interpreter] + {DLA-756-1} - imagemagick 8:6.9.6.5+dfsg-1 (bug #845241) NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797 NOTE: https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22 
@@ -9262,24 +9266,29 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10067 + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845213) NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10066 + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845213) NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10065 [Fix out of bound read in viff file handling] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845212) NOTE: https://github.com/ImageMagick/ImageMagick/issues/129 NOTE: https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05 NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545183 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10064 [Better check for bufferoverflow for TIFF handling] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845202) NOTE: https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10063 [Check validity of extend during TIFF file reading] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845198) NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 
@@ -9293,17 +9302,20 @@ NOTE: 4e914bbe371433f0590cefdf3bd5f3a5710069f9 upstream. It is not the same NOTE: as the fputc issue in ReadGROUP4Image. CVE-2016-10061 [Check return of write function] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845196) NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9 NOTE: https://github.com/ImageMagick/ImageMagick/issues/196 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10060 [Check return of write function] + {DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845196) NOTE: https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7 NOTE: https://github.com/ImageMagick/ImageMagick/issues/196 NOTE: latter patch was missing from 8:6.8.9.9-5+deb8u6 upload so DSA-3726-1 was incomplete NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10059 [Imagemagick (jessie and older) buffer overflow] + {DSA-3726-1 DLA-756-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #845195) NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 
@@ -16792,22 +16804,27 @@ - linux 4.1.3-1 NOTE: Fixed by: https://git.kernel.org/linus/8fff105e13041e49b82f92eef034f363a6b1c071 (4.1-rc1) CVE-2016-10057 + {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10056 + {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10055 + {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10054 + {DSA-3675-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836172) NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10053 [TIFF divide by zero] + {DSA-3675-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #836171) [wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10) NOTE: https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5 @@ -17737,6 +17754,7 @@ - imagemagick 8:6.9.6.2+dfsg-2 (bug #834504) NOTE: https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323 CVE-2016-10052 [Out-of-bound in exif (jpeg) reader] + {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #834501) NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 
@@ -17992,6 +18010,7 @@ [jessie] - linux 3.16.7-ckt17-1 NOTE: Fixed by: https://git.kernel.org/linus/6829e274a623187c24f7cfc0e3d35f25d087fcc5 (4.1-rc2) CVE-2016-10051 [Double free] + {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #834183) NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245 NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521 
@@ -18156,25 +18175,30 @@ CVE-2016-1000038 RESERVED CVE-2016-10050 [RLE check for pixel offset less than 0] + {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833744) NOTE: https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10049 [Segfault in ReadRLEImage] + {DSA-3652-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833743) [wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10) NOTE: https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4 NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710 NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10048 [Coder path transversal] + {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.5.7+dfsg-1 (bug #833735) NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10047 [memory leak] + {DSA-3652-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833732) [wheezy] - imagemagick <not-affected> (Vulnerable code not present in version 6.7.7.10) NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-10046 [Buffer overflow in draw.c] + {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #833730) NOTE: https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
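Review bot: In the @@ -9214,18 +9214,21 @@ hunk, CVE-2016-10070 and CVE-2016-10071 carry the identical description "[mat file out of bound]" and the same bug #845246, so only the upstream commit URL (b173a352... versus f3b483e8...) tells them apart. Both now receive the same {DSA-3726-1 DLA-756-1} tag, so it would help to give each description the specific fault its commit addresses. That lets anyone checking the advisory against the backported patches match each entry to its patch.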
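Review bot: In the @@ -9251,6 +9254,7 @@ hunk, CVE-2016-10068 is tagged {DLA-756-1} only, with nothing in the entry saying why no DSA is referenced. Every neighbouring ImageMagick entry from the same oss-security thread gets {DSA-3726-1 DLA-756-1}, and CVE-2016-10060 in a later hunk explains its DLA-only status with a NOTE. Suggest adding a NOTE or a [jessie] line here stating the jessie status, so the missing DSA reads as a decision rather than an omission.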
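Review bot: In the @@ -9293,17 +9302,20 @@ hunk, the NOTE under CVE-2016-10060 ("latter patch was missing from 8:6.8.9.9-5+deb8u6 upload so DSA-3726-1 was incomplete") does not say which patch "latter" refers to. CVE-2016-10060 and CVE-2016-10061 share the description "[Check return of write function]" and bug #845196, and this hunk now tags one with the DSA and the other without it, so the NOTE is the only explanation of the difference. Suggest naming the commit (933e96f0...) in the NOTE instead of "latter patch".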
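Review bot: In the @@ -16792,22 +16804,27 @@ hunk, CVE-2016-10054 through CVE-2016-10057 are four entries with no bracketed description, all pointing at the same bug #836172 and the same commit 10b3823a..., and all now tagged {DSA-3675-1 DLA-731-1}. As written, the four ids cannot be told apart from the list alone. Suggest adding a short description to each (the affected coder or function) so the advisory mapping can be audited per CVE.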
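Review bot: In the @@ -18156,25 +18175,30 @@ hunk, CVE-2016-10047 and CVE-2016-10048 cite the same upstream commit fc6080f1... but list different fixed versions (8:6.9.6.2+dfsg-2 and 8:6.9.5.7+dfsg-1), and this change gives them different advisory tags ({DSA-3652-1} versus {DSA-3652-1 DLA-731-1}). If one commit fixes both, the fixed versions should agree; if not, one of the NOTE URLs is wrong. Worth confirming the commit reference for each before the advisory tags are relied on. Minor: "Coder path transversal" in the CVE-2016-10048 description should read "traversal".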