Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 631556

Summary: <media-gfx/imagemagick-6.9.4.1: Out-of-bounds read in mat.c (CVE-2016-10070)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED OBSOLETE    
Severity: minor CC: graphics+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa cve]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 631558    

Description GLSAMaker/CVETool Bot gentoo-dev 2017-09-20 17:44:56 UTC 
CVE-2016-10070 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10070):
  Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in
  ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of
  service (out-of-bounds read and application crash) via a crafted mat file.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-09-20 17:57:39 UTC 
Fixed by upstream since 6.9.4.0. Landed in Gentoo via bf1360d003a494888c306a9b8ae00452861d13f9 in 6.9.4.1. Current stable version in Gentoo repository is 6.9.7.4. All done.