Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 626660 (CVE-2017-11750)

Summary: <media-gfx/imagemagick-{6.9.9-4,7.0.6-4}: DoS (NULL pointer deference) via crafted file (CVE-2017-11750)
Product: Gentoo Security Reporter: Christopher Díaz Riveros (RETIRED) <chrisadr>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: trivial CC: graphics+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~3 [noglsa cve]
Package list:
Runtime testing required: ---

Description Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-07-30 20:11:55 UTC
From URL:

Description: The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-08-22 20:27:55 UTC

From the new URL:

A CVE will have to say bug was introduced in and 7.0.6-4, fixed in 6.9.9-5 and 7.0.6-5.

those versions were never stable but even in the case they were, they are already fixed.

Could you please confirm the new whiteboard and proceed to add the CVE with CVETool to be able to close the report?


Gentoo Security Padawan