| Summary: | <media-gfx/graphicsmagick-1.3.27: Out-of-bounds read in mat.c (CVE-2016-10070) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | graphics+disabled |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | B3 [noglsa cve] | | |
| Package list: | | Runtime testing required: | --- |

Description
GLSAMaker/CVETool Bot
2017-09-20 17:44:27 UTC
From http://www.graphicsmagick.org/Changelog.html:

> 2017-09-14 Bob Friesenhahn <bfriesen@...>
>
> coders/mat.c (ReadMATImage): Fix CVE-2016-10070, which is a heap
> overflow in the MAT reader due to an under-sized memory allocation.
> Based on private email from Petr Gajdos on Mon, 11 Sep 2017.

Upstream patch:
https://sourceforge.net/p/graphicsmagick/code/ci/a0e598438aa970f237fa9b35edce0728cc144f29/

@maintainer(s), please clean the vulnerable version from the tree.

cleanup will be tracked in bug #640690

GLSA Vote: No