| Summary: | <media-gfx/graphicsmagick-1.3.24: DoS | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | graphics+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://seclists.org/oss-sec/2016/q2/460 | ||
| Whiteboard: | B3 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
v1.3.24 which fixed the reported issues hit Gentoo repository via https://gitweb.gentoo.org/repo/gentoo.git/commit/media-gfx/graphicsmagick?id=68407a602cc64231cd887123da2d33dbe5756230 =media-gfx/graphicsmagick-1.3.25 is the current stable version in the repository. No vulnerable version left. @ Security: Please vote! Code fixing the issue: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ddc999ec896c Additional details: https://sources.debian.net/src/graphicsmagick/1.3.25-5/debian/changelog/#L31 As previously noted by Whissi the fixed code was introduced to the tree in 1.3.24. GLSA Vote: No *** Bug 582236 has been marked as a duplicate of this bug. *** |
From ${URL} : We recently tested GraphicsMagick with our tool and found two issues that causes DoS: * Infinite loop caused by converting a circularly defined svg file. * Arithmetic exception converting a svg file caused by a X%0 operation in magick/render.c:3800 (long) (y-fill_pattern->tile_info.y) % fill_pattern->rows, Reproducers for both issues are attached. They are triggered by converting a svg to another format. Identification is not affected. These issues affect 1.3.18 and 1.3.23. Most likely other versions are vulnerable too. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.