Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 627036 (CVE-2017-12418) - <media-gfx/imagemagick-{6.9.9.9,7.0.6.9}: memory leaks in the parse8BIMW and format8BIM functions (CVE-2017-12418)
Summary: <media-gfx/imagemagick-{6.9.9.9,7.0.6.9}: memory leaks in the parse8BIMW and ...
Status: RESOLVED FIXED
Alias: CVE-2017-12418
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-04 07:34 UTC by Aleksandr Wagner (Kivak)
Modified: 2017-11-11 14:16 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Wagner (Kivak) 2017-08-04 07:34:20 UTC
CVE-2017-12418 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12418):

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. 

References:

https://github.com/ImageMagick/ImageMagick/issues/643

Patch:

https://github.com/ImageMagick/ImageMagick/commit/bfd93888beccf2eff49cc9abfa6b5167c9c9109d
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-11-11 14:16:32 UTC
This issue was resolved and addressed in
 GLSA 201711-07 at https://security.gentoo.org/glsa/201711-07
by GLSA coordinator Aaron Bauman (b-man).