[Pkg-gmagick-im-team] Bug#799524: multiple security issues
Vincent Fourmond
fourmond at debian.org
Sat Sep 19 20:10:02 UTC 2015
Package: src:imagemagick
Version: 8:6.8.9.9-5
Severity: serious
Tags: security
Current version of imagemagick in stable/unstable is affected by
multiple security bugs:
- A DOS on specially crafted MIFF file (TEMP-0000000-FDAC72).
- A DOS on specially crafted Vicar file (TEMP-0000000-EEF23C).
- A DOS on specially crafted HDR file (TEMP-0000000-7C079F).
- A DOS on specially crafted PDB file (TEMP-0000000-2FC21E).
- Avoid a null pointer dereference in JNG decoder.
- Avoid a DOS for RLE file.
- Avoid double free on TGA file.
- Avoid a bufer overflow by using field limit in sprintf.
- Avoid a stack overflow in fx handling.
More info there:
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362
This bug report is just for tracking.
Vincent
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.0.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
More information about the Pkg-gmagick-im-team
mailing list