[Secure-testing-commits] r56599 - data/CVE

Wed, 11 Oct 2017 02:18:08 -0700 

Author: carnil
Date: 2017-10-11 09:17:30 +0000 (Wed, 11 Oct 2017)
New Revision: 56599

Modified:
   data/CVE/list
Log:
Add two imagemagick issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-11 09:14:53 UTC (rev 56598)
+++ data/CVE/list       2017-10-11 09:17:30 UTC (rev 56599)
@@ -100,9 +100,15 @@
 CVE-2017-15219 (The dotCMS 4.1.1 application is vulnerable to Stored 
Cross-Site ...)
        TODO: check
 CVE-2017-15218 (ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in 
...)
-       TODO: check
+       - imagemagick <unfixed> (unimportant)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/760
+       NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/698c09d05a749664288281012f319cd51da664ee
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/6387479aa974709d5c329c8efbde38175f386844
 CVE-2017-15217 (ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in 
coders/sgi.c. ...)
-       TODO: check
+       - imagemagick <unfixed> (unimportant)
+       NOTE: https://github.com/ImageMagick/ImageMagick/issues/759
+       NOTE: ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/9bad9cd6752bf8dc5825f555fd1117855bd2fc47
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/8fa3c10977f668c92688272a4802f4477df61076
 CVE-2016-10514 (url_check_format in include/functions.inc.php in Piwigo before 
2.8.3 ...)
        - piwigo <removed>
 CVE-2016-10513 (Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a 
crafted ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to