Author: carnil Date: 2017-09-12 08:15:55 +0000 (Tue, 12 Sep 2017) New Revision: 55679
Modified: data/CVE/list Log: Clarify note for CVE-2017-14103 Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-09-12 06:37:35 UTC (rev 55678) +++ data/CVE/list 2017-09-12 08:15:55 UTC (rev 55679) @@ -591,8 +591,8 @@ NOTE: Fixed by: https://git.kernel.org/linus/499350a5a6e7512d9ed369ed63a4244b6536f4f8 (v4.12-rc3) CVE-2017-14103 (The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in ...) - graphicsmagick 1.3.26-8 - [stretch] - graphicsmagick <not-affected> (Incomplete fix not applied) - [jessie] - graphicsmagick <not-affected> (Incomplete fix not applied) + [stretch] - graphicsmagick <not-affected> (Incomplete fix for CVE-2017-11403 not applied) + [jessie] - graphicsmagick <not-affected> (Incomplete fix for CVE-2017-11403 not applied) NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f NOTE: http://www.openwall.com/lists/oss-security/2017/09/01/6 NOTE: https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/ _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits