diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2017-12-27 12:30:28 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2017-12-27 12:30:28 +0000 |
commit | 613c419850a964ef51dfcf138ec3f8df942055c5 (patch) | |
tree | 74d3d6e557306776061acced73c47d995ea13879 /data | |
parent | a391cf43ebdf2c90ca4ebe14f5d5e7bbac3c72a1 (diff) |
mark remaining imagemagick no-dsa issues as ignored
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58961 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 168 |
1 files changed, 84 insertions, 84 deletions
diff --git a/data/CVE/list b/data/CVE/list index 6319893528..c5455b926e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -5154,15 +5154,15 @@ CVE-2017-17683 (Panda Global Protection 17.0.1 allows a system crash via a 0xb37 NOT-FOR-US: Panda Global Protection CVE-2017-17682 (In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in ...) - imagemagick <unfixed> (low) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/870 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/da649f031e36753c69268c5c027e695b8ae45e9a NOTE: https://github.com/ImageMagick/ImageMagick/commit/06c8dd4de59e48d282d4f224faa64ab9012a711a CVE-2017-17681 (In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found ...) - imagemagick <unfixed> (low) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/869 NOTE: https://github.com/ImageMagick/ImageMagick/commit/f6ca1441a5260165dabc627d26f60c32af1d5678 NOTE: different fix: https://github.com/ImageMagick/ImageMagick/commit/73d59a74e0b0a864c1a9581b8a4bdbee427125e2 @@ -14774,8 +14774,8 @@ CVE-2017-15282 CVE-2017-15281 (ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote ...) {DLA-1139-1} - imagemagick <unfixed> (low; bug #878579) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/832 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e9d1c2adae866861a291535997b2263f26becb1e NOTE: https://github.com/ImageMagick/ImageMagick/commit/32cbfceeee57962321b2ead627129c9d9ffbfcdb @@ -15702,8 +15702,8 @@ CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a ma CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #878554) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/723 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a1006a249516a875558c3d642e719b1eac8f820 NOTE: https://github.com/ImageMagick/ImageMagick/commit/0cff8bac0a47f8693cfe57f026fcd752689ff375 @@ -15716,8 +15716,8 @@ CVE-2017-15016 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerabi NOTE: emf.c not compiled under Debian CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ...) - imagemagick <unfixed> (low; bug #878555) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/724 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0cbb3b3b02e7af493a9aafa8f7e7d23fc70644e4 @@ -16525,8 +16525,8 @@ CVE-2017-14742 CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in ImageMagick ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #878548) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/771 NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb11d07139efe0f5e4ce0e4afda32abdbe82fa9d @@ -16535,8 +16535,8 @@ CVE-2017-14740 CVE-2017-14739 (The AcquireResampleFilterThreadSet function in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #878547) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/780 NOTE: https://github.com/ImageMagick/ImageMagick/commit/6017a80fe8327fefb77fa677d81154db2b857d1d NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/700fcf95b2c3f554dfbe75833b91f19dde208089 @@ -16898,8 +16898,8 @@ CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow r NOT-FOR-US: CyberLink LabelPrint CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...) - imagemagick <unfixed> (low; bug #878524) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/720 NOTE: https://github.com/ImageMagick/ImageMagick/issues/721 @@ -16907,15 +16907,15 @@ CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerabi NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9 CVE-2017-14625 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...) - imagemagick <unfixed> (low; bug #877355) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/721 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9 CVE-2017-14624 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in ...) - imagemagick <unfixed> (low; bug #877354) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/722 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9ff805077fd5297dc41dc989f9dba59877e12f97 @@ -17144,8 +17144,8 @@ CVE-2017-14533 (ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bdfc5538051ad0d1c2083ba2a29180ff6abea907 CVE-2017-14532 (ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in ...) - imagemagick <unfixed> (bug #878541) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/719 NOTE: https://github.com/ImageMagick/ImageMagick/commit/1942317d9208ea17ee17d976a39768cd51d74160 @@ -17237,8 +17237,8 @@ CVE-2017-14506 (geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstra CVE-2017-14505 (DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #878545) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/716 NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ad5fc3c9b652eec27fc0b1a0817159f8547d5d9 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f7b0cf098bc800c5b6181dc522a99997bfee8948 @@ -17574,8 +17574,8 @@ CVE-2017-14401 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injec CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #878546) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/746 NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/04b863f15effa4375e4ee42f413f0246062b48af NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/44a55580ac8c01d8cff1e6e0063820af113f8591 @@ -17704,8 +17704,8 @@ CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ... CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #876105) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/654 NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4 @@ -17962,8 +17962,8 @@ CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router wi CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #876099) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/708 NOTE: https://github.com/ImageMagick/ImageMagick/commit/2071d67ebf729f76d73c33c1152df4816d1d79ac NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/66112b7a7b64f688efe6fec53a829874a74dea04 @@ -18180,30 +18180,30 @@ CVE-2017-14181 (DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc CVE-2017-14175 (In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875502) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/712 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b8c63b156bf26b52e710b1a0643c846a6cd01e56 CVE-2017-14174 (In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875503) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/714 NOTE: https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64 CVE-2017-14173 (In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875504) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/713 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/48bcf7c39302cdf9b0d9202ad03bf1b95152c44d CVE-2017-14172 (In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875506) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/715 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c CVE-2017-14171 (In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in ...) @@ -18618,8 +18618,8 @@ CVE-2017-14061 (Integer overflow in the _isBidi function in bidi.c in Libidn2 be CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #878506) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/710 NOTE: https://github.com/ImageMagick/ImageMagick/commit/c535e1f1a6b1faaa35e007df4fc535ec08daa97c NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5bdfef29f5e6744f36f25ec04583c6b6f4a13b48 @@ -19295,8 +19295,8 @@ CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageM CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875352) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/706 NOTE: https://github.com/ImageMagick/ImageMagick/commit/152e510e2b7858efe5992ed95090d8e0049417f3 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/2c1b360d80e5f8f7c7108c0afedde64ab79318ff @@ -20853,8 +20853,8 @@ CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based b CVE-2017-13133 (In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks ...) {DLA-1081-1} - imagemagick <unfixed> (low; bug #873100) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/679 NOTE: https://github.com/ImageMagick/ImageMagick/commit/19dbe11c5060f66abb393d1945107c5f54894fa8 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/fad03699658d2607562a8487c944c300d59a1ca5 @@ -21057,7 +21057,7 @@ CVE-2017-13062 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in NOTE: https://github.com/ImageMagick/ImageMagick/issues/669 CVE-2017-13061 (In ImageMagick 7.0.6-5, a length-validation vulnerability was found in ...) - imagemagick <unfixed> (bug #873131) - [stretch] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) [jessie] - imagemagick <not-affected> (Vulnerable code not present) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/645 @@ -22211,8 +22211,8 @@ CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before 7. CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #873871) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/659 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6f95e543c80319721e22d623bb23712cd29afa9e NOTE: https://github.com/ImageMagick/ImageMagick/commit/d96b55ea41e71de43663818ccd17c6af3fa6c4fd @@ -22732,24 +22732,24 @@ CVE-2017-1000099 (When asking to get a file from a file:// URL, libcurl provides CVE-2017-12693 (The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875341) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/652 NOTE: https://github.com/ImageMagick/ImageMagick/commit/75fcbf5d649bba046c6a0db650a518f7bfc0fb3f NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6709bd585b9609a9cf98a7042089f3e725886d5e CVE-2017-12692 (The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875339) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/653 NOTE: https://github.com/ImageMagick/ImageMagick/commit/4a25fe5447bfb3a1918a2e9d595928e853b09d2e NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5919dc606bc1d6022d3d2d205a91fdbe98de9e15 CVE-2017-12691 (The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 ...) {DLA-1131-1} - imagemagick <unfixed> (low; bug #875338) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/656 NOTE: https://github.com/ImageMagick/ImageMagick/commit/f1ea048a3a34df293764502401d966aeacf9179d NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/68bbe7b8b226ed79e339296793f68f1b2bebc519 @@ -22803,8 +22803,8 @@ CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found {DLA-1081-1} [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (low; bug #872609) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/604 NOTE: https://github.com/ImageMagick/ImageMagick/commit/91651bd482b6637cf650700ffd7b3b63de1cb049 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a91708c6b70bd4e3d2b931465307e0aeababb3c @@ -23100,7 +23100,7 @@ CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 inter CVE-2017-12587 (ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage ...) {DSA-4019-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-16 (bug #870526) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/535 NOTE: https://github.com/ImageMagick/ImageMagick/commit/bb5b16c512977e8134701063e0adb05a4a342add NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d4192df5eb03892089806d52a317cc3101856726 @@ -23168,8 +23168,8 @@ CVE-2017-12564 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870530) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/599 NOTE: https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7d3af83d8b946f952bfd028451e6dfb1f7ace07a @@ -23506,8 +23506,8 @@ CVE-2017-12436 CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870504) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/543 NOTE: https://github.com/ImageMagick/ImageMagick/commit/2dd8d55742fce7d079b6a16039c18e49c091224f NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/44cb8dfd4cbe6fc475c863a5946cff64e34c2088 @@ -23521,16 +23521,16 @@ CVE-2017-12433 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...) {DSA-4019-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870491) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/536 NOTE: https://github.com/ImageMagick/ImageMagick/commit/061de02095a56d438409c63f723f340b2d9d36c7 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ded916c5da6febe9660c3cfa44c3114567adf74 CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-13 - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/545 NOTE: https://github.com/ImageMagick/ImageMagick/commit/30a74ed25a4890acfa94f452d653d54c9628c87e NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ac6c73d39d59a7b0285b3756810272121759a31 @@ -24285,8 +24285,8 @@ CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 {DLA-1081-1} [experimental] - imagemagick 8:6.9.9.6+dfsg-1 - imagemagick <unfixed> (low; bug #873059) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/533 NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c @@ -25112,7 +25112,7 @@ CVE-2017-XXXX [executes javascript code downloaded from insecure URL] CVE-2017-13140 (In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ...) {DSA-4019-1} - imagemagick 8:6.9.7.4+dfsg-15 (bug #870111) - [stretch] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) [jessie] - imagemagick <not-affected> (Vulnerable code not present) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/596 @@ -25125,14 +25125,14 @@ CVE-2017-13139 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ...) CVE-2017-12643 (ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870107) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/549 NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eedb5660f1704cde8e8cd784c5c2a09dd2fd60f CVE-2017-13142 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG ...) {DSA-4019-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870105) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3 NOTE: https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac CVE-2017-11756 (In Earcms Ear Music through 4.1 build 20170710, remote authenticated ...) @@ -25255,23 +25255,23 @@ CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870020) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/610 NOTE: https://github.com/ImageMagick/ImageMagick/commit/ab440f9ea11e0dbefb7a808cbb9441198758b0cb NOTE: https://github.com/ImageMagick/ImageMagick/commit/75db34b6a4d642cb6f88c792942de27490c900e0 CVE-2017-13658 (In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870019) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/598 NOTE: https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89 CVE-2017-12434 (In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in ...) {DSA-4019-1} - imagemagick 8:6.9.7.4+dfsg-14 (bug #870014) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/547 NOTE: https://github.com/ImageMagick/ImageMagick/commit/6767f31cac3eacdc9dc41b3193a73bdd37610375 @@ -25468,7 +25468,7 @@ CVE-2017-11668 (An out-of-bounds read flaw related to the assess_packet function CVE-2017-13145 (In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image ...) {DSA-4019-1} - imagemagick 8:6.9.7.4+dfsg-13 (bug #869830) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) [wheezy] - imagemagick <not-affected> (Vulnerable code not present) NOTE: https://github.com/ImageMagick/ImageMagick/issues/501 NOTE: https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa @@ -25670,8 +25670,8 @@ CVE-2017-13144 (In ImageMagick before 6.9.7-10, there is a crash (rather than a CVE-2017-12430 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...) {DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869727) - [stretch] - imagemagick <no-dsa> (Minor issue) - [jessie] - imagemagick <no-dsa> (Minor issue) + [stretch] - imagemagick <ignored> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/546 NOTE: https://github.com/ImageMagick/ImageMagick/commit/98e5d0001cda195da0e8ea7650ab85c6f8333ff5 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8d537f6d778675e08ef9d238606d05101bf471b9 @@ -25978,7 +25978,7 @@ CVE-2017-11538 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it CVE-2017-11537 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can ...) {DSA-4019-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869712) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/560 NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bbc1b96f0d9371df675fdf7b8fc9bd4a42ae9cd NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bac384563f557d1ac7413d2eaec00dd59c3cc29b @@ -26069,7 +26069,7 @@ CVE-2017-11565 (debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for CVE-2017-11523 (The ReadTXTImage function in coders/txt.c in ImageMagick through ...) {DSA-4019-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-14 (low; bug #869210) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/591 NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078 NOTE: Fixed by (ImageMagick-6): https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78 @@ -26229,7 +26229,7 @@ CVE-2017-11447 (The ReadSCREENSHOTImage function in coders/screenshot.c in Image CVE-2017-11446 (The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an ...) {DSA-4019-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-13 (low; bug #868950) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/537 NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/787ee25e9fb0e4e0509121342371d925fe5044f8 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96182884778bfc43d6a9a0abd90cedb5d8cf8977 @@ -26594,7 +26594,7 @@ CVE-2017-11526 (The ReadOneMNGImage function in coders/png.c in ImageMagick befo CVE-2017-11505 (The ReadOneJNGImage function in coders/png.c in ImageMagick through ...) {DSA-3914-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-12 (bug #867824) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/526 CVE-2017-11530 (The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 ...) {DSA-3914-1 DLA-1081-1} @@ -31844,7 +31844,7 @@ CVE-2017-9501 (In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the CVE-2017-9500 (In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the ...) {DSA-4019-1 DLA-1000-1} - imagemagick 8:6.9.7.4+dfsg-13 (low; bug #867778) - [jessie] - imagemagick <no-dsa> (Minor issue) + [jessie] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/500 NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/5d95b4c24a964114e2b1ae85c2b36769251ed11d NOTE: Fixed by (6.x): https://github.com/ImageMagick/ImageMagick/commit/837085e7725f6eb591eb019e299c1ddcf34b9a79 |