[Secure-testing-commits] r55679 - data/CVE

Salvatore Bonaccorso Tue, 12 Sep 2017 01:25:32 -0700

Author: carnil
Date: 2017-09-12 08:15:55 +0000 (Tue, 12 Sep 2017)
New Revision: 55679


Modified:
   data/CVE/list
Log:
Clarify note for CVE-2017-14103

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-12 06:37:35 UTC (rev 55678)
+++ data/CVE/list       2017-09-12 08:15:55 UTC (rev 55679)
@@ -591,8 +591,8 @@
        NOTE: Fixed by: 
https://git.kernel.org/linus/499350a5a6e7512d9ed369ed63a4244b6536f4f8 
(v4.12-rc3)
 CVE-2017-14103 (The ReadJNGImage and ReadOneJNGImage functions in coders/png.c 
in ...)
        - graphicsmagick 1.3.26-8
-       [stretch] - graphicsmagick <not-affected> (Incomplete fix not applied)
-       [jessie] - graphicsmagick <not-affected> (Incomplete fix not applied)
+       [stretch] - graphicsmagick <not-affected> (Incomplete fix for 
CVE-2017-11403 not applied)
+       [jessie] - graphicsmagick <not-affected> (Incomplete fix for 
CVE-2017-11403 not applied)
        NOTE: Fixed by: 
http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f
        NOTE: http://www.openwall.com/lists/oss-security/2017/09/01/6
        NOTE: 
https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r55679 - data/CVE

Reply via email to