[Secure-testing-commits] r55707 - in data: . CVE

Tue, 12 Sep 2017 14:17:48 -0700 

Author: jmm
Date: 2017-09-12 21:16:58 +0000 (Tue, 12 Sep 2017)
New Revision: 55707

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
xen DSA released
new imagemagick issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-12 21:14:25 UTC (rev 55706)
+++ data/CVE/list       2017-09-12 21:16:58 UTC (rev 55707)
@@ -7,11 +7,15 @@
 CVE-2017-14344 (This vulnerability allows local attackers to escalate 
privileges on ...)
        NOT-FOR-US: Jungo WinDriver
 CVE-2017-14343 (ImageMagick 7.0.6-6 has a memory leak vulnerability in 
ReadXCFImage in ...)
-       TODO: check
+       - imagemagick <unfixed> (unimportant)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/649
 CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in 
...)
-       TODO: check
+       - imagemagick <unfixed> (unimportant)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/650
 CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in 
ReadWPGImage in ...)
-       TODO: check
+       - imagemagick <unfixed> (low)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/654
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
 CVE-2017-14348 (LibRaw before 0.18.4 has a heap-based Buffer Overflow in the 
...)
        - libraw <unfixed>
        NOTE: https://github.com/LibRaw/LibRaw/issues/100

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2017-09-12 21:14:25 UTC (rev 55706)
+++ data/dsa-needed.txt 2017-09-12 21:16:58 UTC (rev 55707)
@@ -104,7 +104,5 @@
 wordpress-shibboleth
   Dom preparing an update
 --
-xen (jmm)
---
 zendframework/oldstable
 --


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to