An updated version of Imagemagick is available: 6.1.3 The changelog mentions a buffer-overflow in the exif-loader code, which was fixed in 6.1.2: 2004-10-25 Daniel Kobras <kobras@debian.org> * Fix EXIF code to prevent an overflow of the ifdstack array by one entry.
Graphics please bump
imagemagick-6.1.3.2 added to portage
Arches please mark imagemagick and dev-perl/perlmagick 6.1.3.2 stable.
Stable on amd64.
Stable on ppc.
Ok, arches DON'T MARK STABLE. This ebuild as it is breaks libtool...
*** Bug 67553 has been marked as a duplicate of this bug. ***
sparc stable, sekretarz fixed the ebuild.
Stable on alpha.
hppa/ia64 stable
stable on x86
I am not sure "Fix EXIF code to prevent an overflow of the ifdstack array by one entry" means it could be exploited to execute arbitrary code... Any other advisory or upstream confirmation ?
Secunia thinks so: http://secunia.com/advisories/12995/
Looks ok to me... go for a GLSA CAN-2004-0981
Back to stable, missing stable on ppc and ppc64. Please mark 6.1.3.2 stable
stable on ppc64
ppc finally done
GLSA 200411-11
Stable on mips.