Author: jmm
Date: 2017-08-30 21:22:55 +0000 (Wed, 30 Aug 2017)
New Revision: 55273
Modified:
data/CVE/list
Log:
new imagemagick issues
NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-30 21:14:46 UTC (rev 55272)
+++ data/CVE/list 2017-08-30 21:22:55 UTC (rev 55273)
@@ -505,7 +505,7 @@
CVE-2017-13781
RESERVED
CVE-2017-13780 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows
directory ...)
- TODO: check
+ NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-14032 (ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional
...)
- mbedtls 2.6.0-1 (bug #873557)
- polarssl <removed>
@@ -539,9 +539,14 @@
CVE-2017-13770
RESERVED
CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in
ImageMagick ...)
- TODO: check
+ - imagemagick <unfixed> (low)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/705
+ NOTE:
https://github.com/ImageMagick/ImageMagick/commit/abb9d1322317733b799e8b87b2e346b3038f3260
+ NOTE:
ttps://github.com/ImageMagick/ImageMagick/commit/457e63263de6f732785608504b6e607799ad3dd5
CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in ...)
- TODO: check
+ - imagemagick <unfixed> (low)
+ NOTE: https://github.com/ImageMagick/ImageMagick/issues/706
+ NOTE:
https://github.com/ImageMagick/ImageMagick/commit/2c1b360d80e5f8f7c7108c0afedde64ab79318ff
CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the
MSDP ...)
- wireshark <unfixed>
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13933
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
