[Pkg-gmagick-im-team] Bug#740250: imagemagick: CVE-2014-1947 CVE-2014-1958 CVE-2014-2030

Bastien ROUCARIES roucaries.bastien+imagemagick at gmail.com
Sun Mar 2 07:57:04 UTC 2014


Sorry to all we are affected by 1947,

commit 43a7754127073ebf0dce2b59cb370c27ae5fbd58
Author: cristy <cristy at aa41f4f7-0bf4-0310-aa73-e5a19afd5a74>
Date:   Sun Feb 16 21:48:05 2014 +0000

Link are incomplete. Will fix asap

On Fri, Feb 28, 2014 at 11:20 AM, Bastien ROUCARIES
<roucaries.bastien+imagemagick at gmail.com> wrote:
> We are not affected by CVE-2014-1947: but by CVE-2014-2030
>
> On Thu, Feb 27, 2014 at 2:45 PM, Moritz Muehlenhoff <jmm at inutil.org> wrote:
>> Package: imagemagick
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>>
>> The CVE assignments are a bit tricky, please see http://www.openwall.com/lists/oss-security/2014/02/12/2
>> for the thread on oss-security.
>>
>> CVE-2014-1958
>> http://trac.imagemagick.org/changeset/14801
>>
>> CVE-2014-1947:
>> http://trac.imagemagick.org/changeset/13736
>>
>> Cheers,
>>         Moritz
>>



More information about the Pkg-gmagick-im-team mailing list