[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ImageMagick Remote EXIF Parsing Buffer Overflow



On Tuesday 02 November 2004 12:14 pm, John Dalbec wrote:
>  From the @RISK digest (I'd post a bug, but Bugzilla's down):
>
> 04.43.24 CVE: Not Available
> Platform: Cross Platform
> Title: ImageMagick Remote EXIF Parsing Buffer Overflow
> Description: ImageMagick is an image manipulation program. It is
> reported to be vulnerable to a remote buffer overflow issue. The
> vulnerability exists due to improper boundary checks. All ImageMagick
> versions prior to 6.1.2 are reported to be vulnerable.
> Ref: http://secunia.com/advisories/12995/
>
> --
> fedora-legacy-list mailing list
> fedora-legacy-list redhat com
> http://www.redhat.com/mailman/listinfo/fedora-legacy-list

This has yet to appear on the Redhat  bugzilla, and Gentoo have just added the 
latest version to portage, so we don't have a patch for 5.x at this point in 
time. 

As soon as we have a consensus on one, I'll post new packages for 7.3.

- Si
-- 
Simon Weller LPIC-2
Systems Engineer
NZServers LTD
http://www.nzservers.com/
U.S. Branch

<-
To mess up a Linux box, you need to work at it; to mess up your Windows box, 
you just need to work on it.
 - Scott Granneman, Security Focus
->


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]