Skip to content

Commit c9af737

Browse files
author
kikadf
committed
doc/pkg-vulnerabilities: ImageMagick6 alarm fine-tuning
CVE-2017-9499: ImageMagick6 is not affected, problematic code released in ImageMagick7, https://github.com/ImageMagick/ImageMagick/blame/7fd419441bc7103398e313558171d342c6315f44/coders/mpc.c#L564 CVE-2017-10928: Fixed in 6.9.10-6, ImageMagick/ImageMagick#1089 CVE-2017-1116: Fixed in 6.9.8-5, ImageMagick/ImageMagick#471 CVE-2017-11141: Fixed in 6.9.8-5, ImageMagick/ImageMagick#469 CVE-2017-10995: Fixed in 6.9.9-1, ImageMagick/ImageMagick#538 CVE-2017-11188: Fixed in 6.9.8-10, ImageMagick/ImageMagick#509 CVE-2017-11170: Fixed in 6.9.8-5, ImageMagick/ImageMagick#472 CVE-2017-11478: Fixed in 6.9.9-0, ImageMagick/ImageMagick#528 CVE-2017-14739: Fixed in 6.9.9-17, ImageMagick/ImageMagick#780 CVE-2017-17914: Fixed in 6.9.9-28, ImageMagick/ImageMagick#908 CVE-2017-17934: Fixed in 6.9.9-29, ImageMagick/ImageMagick#920 CVE-2018-5357: Fixed in 6.9.9-34, ImageMagick/ImageMagick#941 CVE-2018-5358: Fixed in 6.9.9-34, ImageMagick/ImageMagick#939 CVE-2018-10804: Fixed in 6.9.9-40, ImageMagick/ImageMagick#1053 CVE-2018-10805: Fixed in 6.9.9-40, ImageMagick/ImageMagick#1054
1 parent 2ccbf57 commit c9af737

1 file changed

Lines changed: 16 additions & 16 deletions

File tree

doc/pkg-vulnerabilities

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# $NetBSD: pkg-vulnerabilities,v 1.485 2025/08/03 10:45:22 wiz Exp $
1+
# $NetBSD: pkg-vulnerabilities,v 1.486 2025/08/04 13:22:03 kikadf Exp $
22
#
33
#FORMAT 1.0.0
44
#
@@ -12316,7 +12316,7 @@ ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cg
1231612316
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
1231712317
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
1231812318
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
12319-
ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
12319+
#ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
1232012320
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500
1232112321
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500
1232212322
poppler-utils<0.56.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
@@ -12540,17 +12540,17 @@ xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-
1254012540
py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220
1254112541
radare2<1.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10929
1254212542
ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
12543-
ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
12543+
ImageMagick6<6.9.10.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
1254412544
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
12545-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
12545+
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
1254612546
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
12547-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
12547+
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
1254812548
ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
12549-
ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
12549+
ImageMagick6<6.9.9.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
1255012550
ImageMagick<7.0.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
12551-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
12551+
ImageMagick6<6.9.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
1255212552
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
12553-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
12553+
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
1255412554
modular-xorg-server<1.19.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10971
1255512555
modular-xorg-server<1.19.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10972
1255612556
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9524
@@ -12591,7 +12591,7 @@ poppler<0.56 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2818
1259112591
poppler<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2814
1259212592
gnome-session<2.29.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11171
1259312593
ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
12594-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
12594+
ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
1259512595
ImageMagick<7.0.6.1 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556
1259612596
ImageMagick6<6.9.9.0 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556
1259712597
ImageMagick<7.0.7.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11540
@@ -13303,7 +13303,7 @@ botan<1.10.17 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737
1330313303
ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741
1330413304
ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741
1330513305
ImageMagick<7.0.7.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
13306-
ImageMagick6-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
13306+
ImageMagick6<6.9.9.17 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
1330713307
ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222
1330813308
ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222
1330913309
ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223
@@ -13854,9 +13854,9 @@ nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11696
1385413854
nss<3.49 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-11697
1385513855
nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11698
1385613856
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
13857-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
13857+
ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
1385813858
ImageMagick<7.0.7.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
13859-
ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
13859+
ImageMagick6<6.9.9.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
1386013860
ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884
1386113861
ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884
1386213862
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885
@@ -14111,9 +14111,9 @@ wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018
1411114111
cups<1.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-8166
1411214112
qemu<1.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-3471
1411314113
ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
14114-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
14114+
ImageMagick6<6.9.9.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
1411514115
ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
14116-
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
14116+
ImageMagick6<6.9.9.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
1411714117
ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476
1411814118
ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476
1411914119
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027
@@ -15017,9 +15017,9 @@ exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10958
1501715017
haproxy<1.8.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10184
1501815018
prosody<0.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18265
1501915019
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
15020-
ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
15020+
ImageMagick6<6.9.9.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
1502115021
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
15022-
ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
15022+
ImageMagick6<6.9.9.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
1502315023
ImageMagick<7.0.7.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251
1502415024
ImageMagick6<6.9.9.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251
1502515025
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271

0 commit comments

Comments
 (0)