diff options
author | Markus Koschany <apo@debian.org> | 2020-09-07 19:06:39 +0200 |
---|---|---|
committer | Markus Koschany <apo@debian.org> | 2020-09-07 19:08:01 +0200 |
commit | bf2942e79f080b530ffab2df57092369e5d7422b (patch) | |
tree | bb5d84c9e8a2ff60cd2c2901705629d73ffcacff /data/CVE/2017.list | |
parent | daf4ce159f72a9f9dc3660183de27cacd8b8cf3b (diff) |
CVE-2017-12670,imagemagick: postponed
Upstream patch appears to be incomplete. Needs further investigation.
Diffstat (limited to 'data/CVE/2017.list')
-rw-r--r-- | data/CVE/2017.list | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 291653b439..9532cf216c 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -20408,9 +20408,11 @@ CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, ...) {DLA-2366-1 DLA-1785-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870020) + [stretch] - imagemagick <postponed> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/610 NOTE: https://github.com/ImageMagick/ImageMagick/commit/ab440f9ea11e0dbefb7a808cbb9441198758b0cb NOTE: https://github.com/ImageMagick/ImageMagick/commit/75db34b6a4d642cb6f88c792942de27490c900e0 + NOTE: Upstream patch is apparently incomplete. POC still triggers segfault. CVE-2017-13658 (In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missi ...) {DLA-2366-1 DLA-1785-1 DLA-1081-1} - imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870019) |