Author: jmm
Date: 2017-11-14 15:11:08 +0000 (Tue, 14 Nov 2017)
New Revision: 57620
Modified:
data/CVE/list
Log:
new firefox issues
one im issue no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-14 11:21:08 UTC (rev 57619)
+++ data/CVE/list 2017-11-14 15:11:08 UTC (rev 57620)
@@ -11238,6 +11238,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/662
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5
NOTE: ImageMagick-7:
https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890
+ NOTE: This doesn't affect the base releases, but got introduced via
security fixes, which got backported to older suites
CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before
7.0.6-6 ...)
- imagemagick <not-affected> (Specific to Imagemagick 7, 6.x uses fixed
pixel cache morphology)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
@@ -14464,6 +14465,7 @@
CVE-2017-13145 (In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the
ReadJP2Image ...)
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869830)
+ [jessie] - imagemagick <no-dsa> (Minor issue)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/501
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa
@@ -25784,38 +25786,69 @@
RESERVED
CVE-2017-7842
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7842
CVE-2017-7841
RESERVED
CVE-2017-7840
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7840
CVE-2017-7839
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7839
CVE-2017-7838
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7838
CVE-2017-7837
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7837
CVE-2017-7836
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7836
CVE-2017-7835
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7835
CVE-2017-7834
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7834
CVE-2017-7833
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7833
CVE-2017-7832
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7832
CVE-2017-7831
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7831
CVE-2017-7830
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7830
CVE-2017-7829
RESERVED
CVE-2017-7828
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7828
CVE-2017-7827
RESERVED
+ - firefox <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7827
CVE-2017-7826
RESERVED
+ - firefox <unfixed>
+ - firefox-esr <unfixed>
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7826
CVE-2017-7825
RESERVED
- firefox <not-affected> (Only affects Firefox on OS X)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
