pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: kikadf
Date: Mon Aug 4 13:22:03 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
doc/pkg-vulnerabilities: ImageMagick6 alarm fine-tuning
CVE-2017-9499: ImageMagick6 is not affected, problematic code released in ImageMagick7,
https://github.com/ImageMagick/ImageMagick/blame/7fd419441bc7103398e313558171d342c6315f44/coders/mpc.c#L564
CVE-2017-10928: Fixed in 6.9.10-6, https://github.com/ImageMagick/ImageMagick/issues/1089
CVE-2017-1116: Fixed in 6.9.8-5, https://github.com/ImageMagick/ImageMagick/issues/471
CVE-2017-11141: Fixed in 6.9.8-5, https://github.com/ImageMagick/ImageMagick/issues/469
CVE-2017-10995: Fixed in 6.9.9-1, https://github.com/ImageMagick/ImageMagick/issues/538
CVE-2017-11188: Fixed in 6.9.8-10, https://github.com/ImageMagick/ImageMagick/issues/509
CVE-2017-11170: Fixed in 6.9.8-5, https://github.com/ImageMagick/ImageMagick/issues/472
CVE-2017-11478: Fixed in 6.9.9-0, https://github.com/ImageMagick/ImageMagick/issues/528
CVE-2017-14739: Fixed in 6.9.9-17, https://github.com/ImageMagick/ImageMagick/issues/780
CVE-2017-17914: Fixed in 6.9.9-28, https://github.com/ImageMagick/ImageMagick/issues/908
CVE-2017-17934: Fixed in 6.9.9-29, https://github.com/ImageMagick/ImageMagick/issues/920
CVE-2018-5357: Fixed in 6.9.9-34, https://github.com/ImageMagick/ImageMagick/issues/941
CVE-2018-5358: Fixed in 6.9.9-34, https://github.com/ImageMagick/ImageMagick/issues/939
CVE-2018-10804: Fixed in 6.9.9-40, https://github.com/ImageMagick/ImageMagick/issues/1053
CVE-2018-10805: Fixed in 6.9.9-40, https://github.com/ImageMagick/ImageMagick/issues/1054
To generate a diff of this commit:
cvs rdiff -u -r1.485 -r1.486 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.485 pkgsrc/doc/pkg-vulnerabilities:1.486
--- pkgsrc/doc/pkg-vulnerabilities:1.485 Sun Aug 3 10:45:22 2025
+++ pkgsrc/doc/pkg-vulnerabilities Mon Aug 4 13:22:03 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.485 2025/08/03 10:45:22 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.486 2025/08/04 13:22:03 kikadf Exp $
#
#FORMAT 1.0.0
#
@@ -12316,7 +12316,7 @@ ImageMagick6<6.9.8.10 denial-of-service
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
-ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
+#ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500
poppler-utils<0.56.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
@@ -12540,17 +12540,17 @@ xenkernel48<4.8.2 multiple-vulnerabiliti
py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220
radare2<1.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10929
ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
-ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
+ImageMagick6<6.9.10.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
+ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
+ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
-ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
+ImageMagick6<6.9.9.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
ImageMagick<7.0.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
+ImageMagick6<6.9.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
+ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
modular-xorg-server<1.19.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10971
modular-xorg-server<1.19.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10972
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9524
@@ -12591,7 +12591,7 @@ poppler<0.56 heap-overflow https://nvd.
poppler<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2814
gnome-session<2.29.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11171
ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
+ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
ImageMagick<7.0.6.1 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556
ImageMagick6<6.9.9.0 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556
ImageMagick<7.0.7.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11540
@@ -13303,7 +13303,7 @@ botan<1.10.17 weak-cryptography https:/
ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741
ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741
ImageMagick<7.0.7.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
-ImageMagick6-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
+ImageMagick6<6.9.9.17 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222
ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222
ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223
@@ -13854,9 +13854,9 @@ nss<3.49 heap-overflow https://nvd.nist
nss<3.49 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-11697
nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11698
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
+ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
ImageMagick<7.0.7.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
-ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
+ImageMagick6<6.9.9.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884
ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885
@@ -14111,9 +14111,9 @@ wireshark>=2.4<2.4.4 denial-of-service h
cups<1.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-8166
qemu<1.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-3471
ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
+ImageMagick6<6.9.9.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
-ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
+ImageMagick6<6.9.9.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476
ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027
@@ -15017,9 +15017,9 @@ exiv2<0.27 denial-of-service https://nv
haproxy<1.8.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10184
prosody<0.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18265
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
-ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
+ImageMagick6<6.9.9.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
-ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
+ImageMagick6<6.9.9.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
ImageMagick<7.0.7.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251
ImageMagick6<6.9.9.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271
Home |
Main Index |
Thread Index |
Old Index