[Pkg-gmagick-im-team] Bug#665007: RE : Bug#665007: CVE-2012-1185 / CVE-2012-1186: incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248

Bastien ROUCARIES roucaries.bastien at gmail.com
Wed Mar 28 06:32:11 UTC 2012


Thanks,

Patch are under git

My usual mentors may apply tomorrow or saturday

Bastien

Le 22 mars 2012 12:09, "Giuseppe Iuculano" <iuculano at debian.org> a écrit :

Package: imagemagick
Severity: serious
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

The original fixes for the ImageMagick issues CVE-2012-0247 and
CVE-2012-0248 are incomplete.

Please see:

http://seclists.org/oss-sec/2012/q1/685
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAk9q/WUACgkQNxpp46476arBQgCeLZLei0zKKvxadUhYfFUpLw6f
EF4An30VihPmJDQmyY8MzuOibIoIT5Yx
=mRjI
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-gmagick-im-team/attachments/20120328/403243d4/attachment.html>


More information about the Pkg-gmagick-im-team mailing list