| Summary: | <media-gfx/graphicsmagick-1.3.27: in GraphicsMagick 1.3.26 (Null Pointer Deference in coders/pnm.c) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | graphics+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://sourceforge.net/p/graphicsmagick/bugs/466/ | ||
| Whiteboard: | B3 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
@maintainer(s), please clean the vulnerable version from the tree. cleanup will be tracked in bug #640690 GLSA Vote: No |
from {URL}: ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference. Patch:(http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=fb09ca6dd22c) CVE Details:(https://nvd.nist.gov/vuln/detail/CVE-2017-14504) @maintainer(s), please test and call stable if needed, thank you. Daj Uan (jmbailey) Gentoo Security Padawan