graphicsmagick DSA

1 files changed, 3 insertions, 0 deletions

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 6a2fe2a395..73e81a87d6 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -2598,6 +2598,7 @@ CVE-2018-20190 (In LibSass 3.5.5, a NULL Pointer Dereference in the function Sas
 CVE-2018-20189 (In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c ha ...)
 	{DLA-1619-1}
 	- graphicsmagick 1.4~hg15873-1 (bug #916752)
+	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/585/
 CVE-2018-20188 (FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator acco ...)
@@ -2613,6 +2614,7 @@ CVE-2018-20186 (An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadDat
 CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there  ...)
 	{DLA-1619-1}
 	- graphicsmagick 1.4~hg15880-1 (bug #916719)
+	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
 	NOTE: Partial fix: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e3977a293
 	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/582/
 	NOTE: Partial fix adressed in 1.4~hg15873-1, but according to maintainer not yet
@@ -2622,6 +2624,7 @@ CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms,
 CVE-2018-20184 (In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buff ...)
 	{DLA-1619-1}
 	- graphicsmagick 1.4~hg15873-1 (bug #916721)
+	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
 	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/15d1b5fd003b
 	NOTE: Upstream patch contains unrelated refactoring, trimmed down version available on
 	NOTE: the Debian bug report: https://bugs.debian.org/916721#15