diff options
author | Moritz Mühlenhoff <jmm@debian.org> | 2024-02-22 19:46:12 +0100 |
---|---|---|
committer | Moritz Mühlenhoff <jmm@debian.org> | 2024-02-22 19:52:46 +0100 |
commit | 7be9fc498323335ae74a8e9f3bbdfbc5a499680c (patch) | |
tree | 445f7711d119b49ae7936daec4de7af49aeb5233 /data | |
parent | 2b41cf60d5d814dee838af8c8a2bdff7b78b6dee (diff) |
imagemagick DSA
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 10 | ||||
-rw-r--r-- | data/DSA/list | 4 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
3 files changed, 4 insertions, 12 deletions
diff --git a/data/CVE/list b/data/CVE/list index 34a3957063..a95ca19ecd 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -50948,8 +50948,6 @@ CVE-2023-1907 RESERVED CVE-2023-1906 (A heap-based buffer overflow issue was discovered in ImageMagick's Imp ...) - imagemagick 8:6.9.12.98+dfsg1-2 (bug #1034373) - [bookworm] - imagemagick <no-dsa> (Minor issue) - [bullseye] - imagemagick <no-dsa> (Minor issue) [buster] - imagemagick <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d (ImageMagick 6.9.12-84) @@ -56193,8 +56191,6 @@ CVE-2023-1290 (A vulnerability, which was classified as critical, has been found NOT-FOR-US: SourceCodester Sales Tracker Management System CVE-2023-1289 (A vulnerability was discovered in ImageMagick where a specially create ...) - imagemagick 8:6.9.12.98+dfsg1-2 - [bookworm] - imagemagick <no-dsa> (Minor issue) - [bullseye] - imagemagick <no-dsa> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr NOTE: https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4 (7.1.1-0) NOTE: https://github.com/ImageMagick/ImageMagick6/commit/706d381b7eb79927d328c96f7b7faab5dc109368 (6.9.12-78) @@ -121847,8 +121843,6 @@ CVE-2022-32547 (In ImageMagick, there is load of misaligned address for type 'do NOTE: https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b (6.9.12-45) CVE-2023-34151 (A vulnerability was found in ImageMagick. This security flaw ouccers a ...) - imagemagick 8:6.9.12.98+dfsg1-2 (bug #1036999) - [bookworm] - imagemagick <no-dsa> (Minor issue) - [bullseye] - imagemagick <no-dsa> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/6341 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/3d6d98d8a2be30d74172ab43b5b8e874d2deb158 (7.1.1-10) NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/133089f716f23ce0b80d89ccc1fd680960235512 (6.9.12-88) @@ -135373,8 +135367,6 @@ CVE-2022-1116 (Integer Overflow or Wraparound vulnerability in io_uring of Linux - linux <not-affected> (Vulnerable code not present; introduced in 5.4.24; fixed in 5.4.189) CVE-2022-1115 (A heap-buffer-overflow flaw was found in ImageMagick\u2019s PushShortP ...) - imagemagick 8:6.9.12.98+dfsg1-2 (bug #1013282) - [bookworm] - imagemagick <no-dsa> (Minor issue) - [bullseye] - imagemagick <no-dsa> (Minor issue) [buster] - imagemagick <not-affected> (code is introduced later) [stretch] - imagemagick <not-affected> (code is introduced later) NOTE: https://github.com/ImageMagick/ImageMagick/issues/4974 @@ -188329,8 +188321,6 @@ CVE-2021-3611 (A stack overflow vulnerability was found in the Intel HD Audio de CVE-2021-3610 (A heap-based buffer overflow vulnerability was found in ImageMagick in ...) [experimental] - imagemagick 8:6.9.12.20+dfsg1-1 - imagemagick 8:6.9.12.98+dfsg1-2 (bug #1037090) - [bookworm] - imagemagick <no-dsa> (Minor issue) - [bullseye] - imagemagick <no-dsa> (Minor issue) [buster] - imagemagick <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3 NOTE: ImageMagick6 prerequisite for <= 6.9.10-92: https://github.com/ImageMagick/ImageMagick6/commit/2d96228eec9fbea62ddb6c1450fa8d43e2c6b68a diff --git a/data/DSA/list b/data/DSA/list index 0e98cea2a9..ca4e983c58 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[22 Feb 2024] DSA-5628-1 imagemagick - security update + {CVE-2021-3610 CVE-2022-1115 CVE-2023-1289 CVE-2023-1906 CVE-2023-3428 CVE-2023-5341 CVE-2023-34151} + [bullseye] - imagemagick 8:6.9.11.60+dfsg-1.3+deb11u3 + [bookworm] - imagemagick 8:6.9.11.60+dfsg-1.6+deb12u1 [21 Feb 2024] DSA-5627-1 firefox-esr - security update {CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553} [bullseye] - firefox-esr 115.8.0esr-1~deb11u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index fc4ae58486..286026449f 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -35,8 +35,6 @@ gtkwave -- h2o (jmm) -- -imagemagick (jmm) --- iwd (carnil) -- libreswan (jmm) |