[Pkg-gmagick-im-team] Bug#740250: imagemagick: CVE-2014-1947 CVE-2014-1958 CVE-2014-2030
Bastien ROUCARIES
roucaries.bastien at gmail.com
Fri Feb 28 17:37:09 UTC 2014
We are affectés by another buffer overflow that upstream call 1947...
Will add patch soon
I am really confused
Le 28 févr. 2014 11:20, "Bastien ROUCARIES" <
roucaries.bastien+imagemagick at gmail.com> a écrit :
> We are not affected by CVE-2014-1947: but by CVE-2014-2030
>
> On Thu, Feb 27, 2014 at 2:45 PM, Moritz Muehlenhoff <jmm at inutil.org>
> wrote:
> > Package: imagemagick
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > The CVE assignments are a bit tricky, please see
> http://www.openwall.com/lists/oss-security/2014/02/12/2
> > for the thread on oss-security.
> >
> > CVE-2014-1958
> > http://trac.imagemagick.org/changeset/14801
> >
> > CVE-2014-1947:
> > http://trac.imagemagick.org/changeset/13736
> >
> > Cheers,
> > Moritz
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-gmagick-im-team/attachments/20140228/1ca09fa4/attachment.html>
More information about the Pkg-gmagick-im-team
mailing list