Bug#832890: [Pkg-gmagick-im-team] Bug#832890: CVE-2016-5687

Bastien ROUCARIES Fri, 29 Jul 2016 14:33:28 -0700

commit a988a2748af6d56057d00d61caed5ffc162015d1
Author: dirk <[email protected]>
Date:   Thu May 12 21:55:05 2016 +0200


    Raise warning instead of error because we return the image(s) read so far.

    (cherry picked from commit c023c438c61801e68ea86efc93c3577269f1a1ac)

    This is needed for fixing CVE-2016-5687

    origin: 
upstream,https://github.com/ImageMagick/ImageMagick/commit/c023c438c61801e68ea86efc93c3577269f1a1ac
    bug-debian: https://bugs.debian.org/832890

commit cc3677fff7e94c4e972aa09216cf8c03e3ab9da8
Author: dirk <[email protected]>
Date:   Sat Jul 18 22:13:41 2015 +0000

    Removed incorrect EOF check.

    (cherry picked from commit 0b7172f2ba2c9e664d4df148e7d6e14a50edb57a)

    This is needed for fixing CVE-2016-5687

    origin: 
upstream,https://github.com/ImageMagick/ImageMagick/commit/0b7172f2ba2c9e664d4df148e7d6e14a50edb57a
    bug-debian: https://bugs.debian.org/832890

On Fri, Jul 29, 2016 at 12:22 PM, Bastien ROUCARIES
<[email protected]> wrote:
> Package: src:imagemagick
> Version: 8:6.7.7.10-5
> Severity: grave
> Tags: patch security
> X-Debbugs-CC: [email protected]
>
>
> An out of bounds memory read in the VerticalFilter() function can be
> triggered by a malformed DDS file.
>
> _______________________________________________
> Pkg-gmagick-im-team mailing list
> [email protected]
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-gmagick-im-team

Bug#832890: [Pkg-gmagick-im-team] Bug#832890: CVE-2016-5687

Reply via email to