Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 596002 (CVE-2016-7799) - <media-gfx/imagemagick- global buffer overflow
Summary: <media-gfx/imagemagick- global buffer overflow
Alias: CVE-2016-7799
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa cve]
Depends on: CVE-2016-7906
  Show dependency tree
Reported: 2016-10-03 03:09 UTC by Ian Zimmerman
Modified: 2016-11-30 21:45 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

patch for media-gfx/imagemagick- (CVE-2016-7799.patch,491 bytes, patch)
2016-10-11 09:05 UTC, Aaron Bauman (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ian Zimmerman 2016-10-03 03:09:24 UTC
According to the announcement on oss-security:

imagemagick identify suffers of a global buffer overflow issue, which I
reported and has been patched, you can find a reproducer in the github bug
tracker issue link


Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2016-10-11 09:04:12 UTC
Here is the patch for =media-gfx/imagemagick-

>=media-gfx/imagemagick- have the patch included already.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-10-11 09:05:03 UTC
Created attachment 449830 [details, diff]
patch for media-gfx/imagemagick-
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2016-10-11 10:30:53 UTC
After further discussion with one of the package maintainers they intend to stabilize >=media-gfx/imagemagick-
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2016-11-30 21:45:40 UTC
This issue was resolved and addressed in
 GLSA 201611-21 at
by GLSA coordinator Aaron Bauman (b-man).