Summary: | <media-gfx/imagemagick-6.8.9: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/10/07/2 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-10-12 07:57:31 UTC
(In reply to Agostino Sarubbo from comment #0) > From ${URL} : > > Moshe Kaplan has reported three flaws in ImageMagick to the Ubuntu > bugtracker and ImageMagick upstream. > > https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747 > Reportedly fixed with: > https://github.com/ImageMagick/ImageMagick/commit/ > 0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 > > https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362 > Reportedly fixed with: > https://github.com/ImageMagick/ImageMagick/commit/ > 4f68e9661518463fca523c9726bb5d940a2aa6d8 > > https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803 > Fix unknown. > > The bugs include stacktraces and reproducer inputs. > > > > @maintainer(s): after the bump, in case we need to stabilize the package, > please let us know if it is ready for the stabilization or not. Following those links shows that the bug was fixed in imagemagick 6.8.9. 6.9.0.3 is in Portage already stable. Added to existing GLSA This issue was resolved and addressed in GLSA 201606-14 at https://security.gentoo.org/glsa/201606-14 by GLSA coordinator Aaron Bauman (b-man). |