Author: opal Date: 2017-11-06 20:53:43 +0000 (Mon, 06 Nov 2017) New Revision: 57381
Modified: data/CVE/list Log: Note fix. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-06 20:51:28 UTC (rev 57380) +++ data/CVE/list 2017-11-06 20:53:43 UTC (rev 57381) @@ -57,12 +57,12 @@ NOTE: https://github.com/ImageMagick/ImageMagick/issues/851 CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does ...) - graphicsmagick 1.3.26-18 + [wheezy] - graphicsmagick <no-dsa> (Not possible to trigger with presented test case) NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0 NOTE: https://sourceforge.net/p/graphicsmagick/bugs/519/ NOTE: The wheezy version gives an assert before the vulnerability can be triggered. Due to this NOTE: the severity of the wheezy version is low even though the vulnerable code is still present. NOTE: The patch is trivial so it may be worth fixing in combination with some other fix. - [wheezy] - graphicsmagick <no-dsa> (Not possible to trigger with presented test case) CVE-2017-16544 RESERVED CVE-2017-16543 (Zoho ManageEngine Applications Manager 13 allows SQL injection via ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits