[Pkg-gmagick-im-team] Bug#833485: CVE-2016-6520: imagemagick: buffer overflow
Bastien ROUCARIES
roucaries.bastien+imagemagick at gmail.com
Mon Aug 8 20:45:43 UTC 2016
control: fixed -1 8:6.8.9.9-7.2
according to http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30259&p=136359#p136359
it is not for us
This is a ImageMagick 7 specific patch. We allocate the buffers based
on the number of image pixel channels, however, the method was not
returning the correct number of channels, 3 (RGB) instead of 4 (RGBA).
Calling SyncImagePixelCache() forces an update to the pixel cache
morphology and then GetImageChannels() correctly returns 4 channels. A
better fix, which we subsequently added, was to ensure that each
image, as it is returned by a coder, is synced such that
GetImageChannels() always returns the correct value. For this
particular case, we set the image trait to alpha but we did not
evaluate the image to update the change in the pixel cache morphology
from 3 to 4.
On Fri, Aug 5, 2016 at 4:19 AM, Henri Salo <henri at nerv.fi> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Package: imagemagick
> Version: 8:6.8.9.9-7.2
> Severity: important
> Tags: security, upstream, fixed-upstream
>
> A buffer overflow vulnerability has been fixed by following commit:
>
> https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6
>
> Related CVE request: http://www.openwall.com/lists/oss-security/2016/08/02/6
>
> - --
> Henri Salo
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBAgAGBQJXo/eaAAoJECet96ROqnV0u9QQANLAzG9TZtzzJ5PLCtr4ZeGZ
> 4HgWCG/QyZ050w3ytvmffRprsZIW05WrsAq9bOHqWE5pZEC9jBWNWs4bIlQtnD5n
> mw7onqbNQLVX/MToBFvCKz9/Ng9YjSvseRG9dAsNgZGSghg/OL6MF53fu14V4lOv
> J2zMGy7fLsgwSBQKNjpQAqKAfigZq+XSYFQ9UtV+kuiNk7Wjh+vJXn4GO/T1v5EM
> LhLdoZCb9ebmtvkfqlEFAESbCe1QTGeT09gRjbJ43aynAIz+gvt/mM4JUfiBpiDx
> ///+P056oOLTAPNmCSMcapdX2A5DedOJDh8e6zrurJmbAEnbvIUGvcPKmdFS34au
> y9w4RF2NGNFJNf9zJ/vNLbsbjsXQQEE6qZ8bBxdZ9u9lNwbaI6lLtriOOLdlWfX+
> a5Swe9Yt+sw0hY9TTmGxpyEfpXnzvggOWOs/4879g/+LjWc5waJlU+sSygi+JYHF
> srtK3U8gLr9jlG7nGa6zMG7euRmuc+ipoYcyjYEb89TOrBQq4U6MqhCpQutVsDq4
> 78KY9UEHfF8MSNWiWJUgKcQws2tGKFmJz3WhRqE4D6TXajKD0IfaFQ4oJwuhA9ty
> G8HuMT38mtIBjpVSv+jYT312XfZ0bWRmzuKWIGiTxl1tygTdV5OgPkkJWL0K+4dA
> f/jwBBIC7FnUx3vQ20S9
> =VOoc
> -----END PGP SIGNATURE-----
>
More information about the Pkg-gmagick-im-team
mailing list