Bug#832890: [Pkg-gmagick-im-team] Bug#832890: CVE-2016-5687

Bastien ROUCARIES Fri, 29 Jul 2016 14:33:28 -0700

commit a988a2748af6d56057d00d61caed5ffc162015d1
Author: dirk <d...@git.imagemagick.org>
Date:   Thu May 12 21:55:05 2016 +0200


    Raise warning instead of error because we return the image(s) read so far.

    (cherry picked from commit c023c438c61801e68ea86efc93c3577269f1a1ac)

    This is needed for fixing CVE-2016-5687

    origin: 
upstream,https://github.com/ImageMagick/ImageMagick/commit/c023c438c61801e68ea86efc93c3577269f1a1ac
    bug-debian: https://bugs.debian.org/832890

commit cc3677fff7e94c4e972aa09216cf8c03e3ab9da8
Author: dirk <d...@git.imagemagick.org>
Date:   Sat Jul 18 22:13:41 2015 +0000

    Removed incorrect EOF check.

    (cherry picked from commit 0b7172f2ba2c9e664d4df148e7d6e14a50edb57a)

    This is needed for fixing CVE-2016-5687

    origin: 
upstream,https://github.com/ImageMagick/ImageMagick/commit/0b7172f2ba2c9e664d4df148e7d6e14a50edb57a
    bug-debian: https://bugs.debian.org/832890

On Fri, Jul 29, 2016 at 12:22 PM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> Package: src:imagemagick
> Version: 8:6.7.7.10-5
> Severity: grave
> Tags: patch security
> X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
>
>
> An out of bounds memory read in the VerticalFilter() function can be
> triggered by a malformed DDS file.
>
> _______________________________________________
> Pkg-gmagick-im-team mailing list
> pkg-gmagick-im-t...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-gmagick-im-team

Bug#832890: [Pkg-gmagick-im-team] Bug#832890: CVE-2016-5687

Reply via email to