Summary: | <media-gfx/imagemagick-{6.9.8.6,7.0.5.7}: memory leak in ReadARTImage (CVE-2017-9143) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Volkan <vBugZilla> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1455583 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 612668 | ||
Bug Blocks: |
Description
Volkan
2017-06-05 15:02:11 UTC
CVE-2017-9143 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9143): In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. For 6.x, fixed in >=6.9.8-5 by 7b8c1df65b25d6671f113e2306982eded44ce3b4 Gentoo has =media-gfx/imagemagick-6.9.8.6 (which gets currently stabilized in bug 612668). For 7.x, fixed in >=7.0.5-6 by 3b0fe05cddd8910f84e51b4d50099702ea45ba4a Gentoo has =media-gfx/imagemagick-7.0.5.7 GLSA Vote: No |