[Pkg-gmagick-im-team] Bug#832890: Bug#832890: CVE-2016-5687
Bastien ROUCARIES
roucaries.bastien at gmail.com
Fri Jul 29 21:28:51 UTC 2016
commit a988a2748af6d56057d00d61caed5ffc162015d1
Author: dirk <dirk at git.imagemagick.org>
Date: Thu May 12 21:55:05 2016 +0200
Raise warning instead of error because we return the image(s) read so far.
(cherry picked from commit c023c438c61801e68ea86efc93c3577269f1a1ac)
This is needed for fixing CVE-2016-5687
origin: upstream,https://github.com/ImageMagick/ImageMagick/commit/c023c438c61801e68ea86efc93c3577269f1a1ac
bug-debian: https://bugs.debian.org/832890
commit cc3677fff7e94c4e972aa09216cf8c03e3ab9da8
Author: dirk <dirk at git.imagemagick.org>
Date: Sat Jul 18 22:13:41 2015 +0000
Removed incorrect EOF check.
(cherry picked from commit 0b7172f2ba2c9e664d4df148e7d6e14a50edb57a)
This is needed for fixing CVE-2016-5687
origin: upstream,https://github.com/ImageMagick/ImageMagick/commit/0b7172f2ba2c9e664d4df148e7d6e14a50edb57a
bug-debian: https://bugs.debian.org/832890
On Fri, Jul 29, 2016 at 12:22 PM, Bastien ROUCARIES
<roucaries.bastien at gmail.com> wrote:
> Package: src:imagemagick
> Version: 8:6.7.7.10-5
> Severity: grave
> Tags: patch security
> X-Debbugs-CC: secure-testing-team at lists.alioth.debian.org
>
>
> An out of bounds memory read in the VerticalFilter() function can be
> triggered by a malformed DDS file.
>
> _______________________________________________
> Pkg-gmagick-im-team mailing list
> Pkg-gmagick-im-team at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-gmagick-im-team
More information about the Pkg-gmagick-im-team
mailing list