[Secure-testing-commits] r39823 - data/CVE

Mon, 22 Feb 2016 15:30:06 -0800 

Author: bam
Date: 2016-02-22 23:29:33 +0000 (Mon, 22 Feb 2016)
New Revision: 39823

Modified:
   data/CVE/list
Log:
Add link to latest CVE request; imagemagic issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-02-22 22:42:40 UTC (rev 39822)
+++ data/CVE/list       2016-02-22 23:29:33 UTC (rev 39823)
@@ -1958,7 +1958,7 @@
        NOTE: fawour of the C version.
 CVE-2016-XXXX [Multiple minor security issues]
        - imagemagick 8:6.8.9.9-7 (bug #811308)
-       TODO: check, needs possibly CVEs
+       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/22/4
 CVE-2016-1925 [Improper handling of length parameter inconsitency]
        RESERVED
        - lha <removed> (unimportant)
@@ -9858,6 +9858,7 @@
        NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/10/07/2
+       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/22/4
 CVE-2015-XXXX [Double free in coders/tga.c:221]
        - imagemagick 8:6.8.9.9-6 (bug #806442; bug #799524)
        [jessie] - imagemagick <not-affected> (Can't reproduce crash with file)
@@ -9866,6 +9867,7 @@
        NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/10/07/2
+       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/22/4
        NOTE: The problem can only be triggered with recent versions of 
ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is 
not vulnerable, older versions are not vulnerable)
 CVE-2015-XXXX [Integer and Buffer overflow in coders/icon.c]
        - imagemagick 8:6.8.9.9-7 (bug #806441)
@@ -9876,6 +9878,7 @@
        NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/10/07/2
+       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/22/4
        NOTE: The issue is only exploitable on 32 bit architectures.
 CVE-2015-XXXX [EncryptedType uses static IV per key]
        - python-sqlalchemy-utils <unfixed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to