Author: carnil Date: 2017-08-23 18:57:11 +0000 (Wed, 23 Aug 2017) New Revision: 55003
Modified: data/CVE/list Log: Record fixes for imagemagick done in experimental Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-23 18:54:51 UTC (rev 55002) +++ data/CVE/list 2017-08-23 18:57:11 UTC (rev 55003) @@ -1708,6 +1708,7 @@ - imagemagick 8:6.9.7.4+dfsg-14 (bug #870022) NOTE: https://github.com/ImageMagick/ImageMagick/issues/616 CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the ...) + [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (bug #872609) NOTE: https://github.com/ImageMagick/ImageMagick/issues/604 NOTE: https://github.com/ImageMagick/ImageMagick/commit/91651bd482b6637cf650700ffd7b3b63de1cb049 @@ -1780,6 +1781,7 @@ CVE-2017-12645 (XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid ...) NOT-FOR-US: Liferay Portal CVE-2017-12644 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in ...) + [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (unimportant) NOTE: https://github.com/ImageMagick/ImageMagick/issues/551 NOTE: https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42 @@ -2320,6 +2322,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/2dd8d55742fce7d079b6a16039c18e49c091224f NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/44cb8dfd4cbe6fc475c863a5946cff64e34c2088 CVE-2017-12433 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the ...) + [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (unimportant; bug #872481) NOTE: https://github.com/ImageMagick/ImageMagick/issues/548 NOTE: https://github.com/ImageMagick/ImageMagick/commit/7beec9a7a8a5701652b313e6e94bafd36b3627dc @@ -2367,6 +2370,7 @@ [wheezy] - mantis <end-of-life> (Not supported in Wheezy) NOTE: https://mantisbt.org/bugs/view.php?id=23173 CVE-2017-12418 (ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM ...) + [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (unimportant; bug #872498) NOTE: https://github.com/ImageMagick/ImageMagick/issues/643 NOTE: https://github.com/ImageMagick/ImageMagick/commit/46382526a3f09cebf9f2af680fc55b2a668fcbef @@ -2942,6 +2946,7 @@ - libytnef <unfixed> (bug #870815) NOTE: https://github.com/Yeraze/ytnef/issues/50 CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an ...) + [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> NOTE: https://github.com/ImageMagick/ImageMagick/issues/533 NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd @@ -19271,6 +19276,7 @@ NOTE: https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16 NOTE: Fixed upstream in 3.3.11 CVE-2017-6502 (An issue was discovered in ImageMagick 6.9.7. A specially crafted webp ...) + [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (unimportant; bug #856883) NOTE: webp is disable under Debian, cf. https://bugs.debian.org/856883#14 NOTE: https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits