ImageMagick Remote EXIF Parsing Buffer Overflow
Simon Weller
simon at nzservers.com
Tue Nov 2 18:52:11 UTC 2004
On Tuesday 02 November 2004 12:14 pm, John Dalbec wrote:
> From the @RISK digest (I'd post a bug, but Bugzilla's down):
>
> 04.43.24 CVE: Not Available
> Platform: Cross Platform
> Title: ImageMagick Remote EXIF Parsing Buffer Overflow
> Description: ImageMagick is an image manipulation program. It is
> reported to be vulnerable to a remote buffer overflow issue. The
> vulnerability exists due to improper boundary checks. All ImageMagick
> versions prior to 6.1.2 are reported to be vulnerable.
> Ref: http://secunia.com/advisories/12995/
>
> --
> fedora-legacy-list mailing list
> fedora-legacy-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-legacy-list
This has yet to appear on the Redhat bugzilla, and Gentoo have just added the
latest version to portage, so we don't have a patch for 5.x at this point in
time.
As soon as we have a consensus on one, I'll post new packages for 7.3.
- Si
--
Simon Weller LPIC-2
Systems Engineer
NZServers LTD
http://www.nzservers.com/
U.S. Branch
<-
To mess up a Linux box, you need to work at it; to mess up your Windows box,
you just need to work on it.
- Scott Granneman, Security Focus
->
More information about the fedora-legacy-list
mailing list