Summary: | media-gfx/imagemagick < 6.3.3-5 DCM and XWD overflows CVE-2007-1797 | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matt Drew (RETIRED) <aetius> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled, karsten.elfenbein, sekretarz |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 152672, 159567 |
Description
Matt Drew (RETIRED)
2007-04-02 19:23:39 UTC
setting status. from the idefense advisory: "iDefense has confirmed the existence of these vulnerabilities in ImageMagick version 6.3.x. Additionally, the source code for versions 6.3.1, 6.3.2, 6.3.3-3 and 6.2.9 contain the affected code. It is suspected that earlier versions of ImageMagick are also vulnerable." Pulling in herd. this issue has been assigned CVE-2007-1797 Bumped to 6.3.3-8 in CVS which should fix all these issues afaik. Thx Kloeri (I had hoped for a real maintainer though) Arches please test and mark stable. Target keywords are: imagemagick-6.3.3.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd" sparc stable. ia64 + x86 stable amd64 stable Stable for HPPA. alpha done ppc64 stable ppc stable, this one is ready for GLSA. GLSA 200705-13 arm, mips, s390, sh don't forget to mark stable to benifit from the GLSA. |