data/CVE/list

@@ -41,7 +41,7 @@ CVE-2019-13302 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in Ma
 CVE-2019-13301 (ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory becau ...)
 	TODO: check
 CVE-2019-13300 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCor ...)
-	- imagemagick <unfixed>
+	- imagemagick <unfixed> (bug #931454)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1586
 	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450
 CVE-2019-13299 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCo ...)
@@ -49,7 +49,11 @@ CVE-2019-13299 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at Ma
 CVE-2019-13298 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCor ...)
 	TODO: check
 CVE-2019-13297 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCo ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1609
+	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773
+	NOTE: Some older version before the fixing commit did as well not check for
+	NOTE: width size.
 CVE-2019-13296 (ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemor ...)
 	TODO: check
 CVE-2019-13295 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCo ...)