[Secure-testing-team] Bug#814732: graphicsmagick: SVG parsing issues (CVE-2016-2317, CVE-2016-2318)
Salvatore Bonaccorso
carnil at debian.org
Sun Feb 14 19:24:12 UTC 2016
Source: graphicsmagick
Version: 1.3.23-1
Severity: important
Tags: security upstream
Hi,
Two CVEs were assigned for SVG parsing issues in graphicsmagick. The
original CVE request is in
http://seclists.org/oss-sec/2016/q1/297 containing as well
reproducers.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-2317
[1] https://security-tracker.debian.org/tracker/CVE-2016-2318
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list