[Secure-testing-commits] r57526 - data/CVE

Moritz Muehlenhoff Fri, 10 Nov 2017 01:32:31 -0800

Author: jmm
Date: 2017-11-10 09:32:03 +0000 (Fri, 10 Nov 2017)
New Revision: 57526


Modified:
   data/CVE/list
Log:
imagemagick n/a
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-10 09:10:26 UTC (rev 57525)
+++ data/CVE/list       2017-11-10 09:32:03 UTC (rev 57526)
@@ -9,11 +9,11 @@
 CVE-2017-16760
        RESERVED
 CVE-2017-16759 (The installation process in LibreNMS before 2017-08-18 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: LibreNMS
 CVE-2017-16758 (Cross-site scripting (XSS) vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2017-16757 (Hola VPN 1.34 has weak permissions (Everyone:F) under 
%PROGRAMFILES%, ...)
-       TODO: check
+       NOT-FOR-US: Hola VPN
 CVE-2017-16756
        RESERVED
 CVE-2017-16755
@@ -11062,8 +11062,8 @@
        NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5
        NOTE: ImageMagick-7: 
https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890
 CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before 
7.0.6-6 ...)
-       - imagemagick <unfixed> (bug #872374)
-       [wheezy] - imagemagick <not-affected> (Vulnerable code not present)
+       [experimental] - imagemagick <unfixed> (bug #872374)
+       - imagemagick <not-affected> (Specific to Imagemagick 7, 6.x uses fixed 
pixel cache morphology)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e
 CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 
allows ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57526 - data/CVE

Reply via email to