Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 04168784 by Moritz Muehlenhoff at 2018-03-27T22:40:15+02:00 nm no-dsa imagemagick no-dsa jasper unimportant - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -3,8 +3,9 @@ CVE-2018-9057 (aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terra CVE-2018-9056 (Systems with microprocessors utilizing speculative execution may allow ...) TODO: check CVE-2018-9055 (JasPer 2.0.14 allows denial of service via a reachable assertion in the ...) - - jasper <removed> + - jasper <removed> (unimportant) NOTE: https://github.com/mdadams/jasper/issues/172 + NOTE: Negligable impact CVE-2018-9054 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...) NOT-FOR-US: Windows Master (aka Windows Optimization Master) CVE-2018-9053 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the ...) @@ -83,7 +84,9 @@ CVE-2017-18253 (An issue was discovered in ImageMagick 7.0.7. A NULL pointer ... NOTE: https://github.com/ImageMagick/ImageMagick/issues/794 NOTE: https://github.com/ImageMagick/ImageMagick/commit/de5deab202c340162b65f65bafbbe17b1eda2c1a CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList ...) - - imagemagick <unfixed> + - imagemagick <unfixed> (low) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/802 NOTE: https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db @@ -234,7 +237,9 @@ CVE-2018-8961 (In libming 0.4.8, the decompilePUSHPARAM function of decompile.c - ming <removed> NOTE: https://github.com/libming/libming/issues/130 CVE-2018-8960 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 ...) - - imagemagick 8:6.9.9.39+dfsg-1 + - imagemagick 8:6.9.9.39+dfsg-1 (low) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1020 NOTE: https://github.com/ImageMagick/ImageMagick/commit/23f6beef78cfe806cabc090a015e73557d60788e NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7c0b29f621ebcce1a35c0e6c1992c9043b3bb1bd @@ -591,6 +596,8 @@ CVE-2018-8822 (Incorrect buffer length handling in the ncp_read_kernel function - linux <unfixed> CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Information ...) - network-manager <unfixed> + [stretch] - network-manager <no-dsa> (Minor issue) + [jessie] - network-manager <no-dsa> (Minor issue) NOTE: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1754671 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746422 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634 @@ -637,7 +644,9 @@ CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...) CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...) NOT-FOR-US: Yxcms CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...) - - imagemagick 8:6.9.9.39+dfsg-1 + - imagemagick 8:6.9.9.39+dfsg-1 (low) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6 NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/041687847aed2515ffcb187b696125f6f83b6b6c --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/041687847aed2515ffcb187b696125f6f83b6b6c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits