Summary: | media-gfx/imagemagick 6.1.3 buffer overflow fix | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Andreas Kobara <abusch> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | graphics+disabled, sekretarz |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.imagemagick.org/www/Changelog.html | ||
Whiteboard: | A2 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Andreas Kobara
2004-11-02 04:42:38 UTC
Graphics please bump imagemagick-6.1.3.2 added to portage Arches please mark imagemagick and dev-perl/perlmagick 6.1.3.2 stable. Stable on amd64. Stable on ppc. Ok, arches DON'T MARK STABLE. This ebuild as it is breaks libtool... *** Bug 67553 has been marked as a duplicate of this bug. *** sparc stable, sekretarz fixed the ebuild. Stable on alpha. hppa/ia64 stable stable on x86 I am not sure "Fix EXIF code to prevent an overflow of the ifdstack array by one entry" means it could be exploited to execute arbitrary code... Any other advisory or upstream confirmation ? Secunia thinks so: http://secunia.com/advisories/12995/ Looks ok to me... go for a GLSA CAN-2004-0981 Back to stable, missing stable on ppc and ppc64. Please mark 6.1.3.2 stable stable on ppc64 ppc finally done GLSA 200411-11 Stable on mips. |