A Debian developer recently found a security flaw in the two versions of
ImageMagick (6.0.6.2 and 6.2.4.5) that are distributed with Debian:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595
The problem has been assigned a CVE name of CVE-2006-2440:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2440
Has this problem been fixed in the current version (6.2.7) of
ImageMagick? My quick reading of the source suggests that it has been,
but I'd appreciate confirmation from someone more familiar with the
ImageMagick source code.
craig
--
Craig Harman
Research Programmer
Rochester Center for Brain Imaging
charman @ rcbi rochester edu / vox: 585-275-4822
_______________________________________________
Magick-developers mailing list
[email protected]
http://studio.imagemagick.org/mailman/listinfo/magick-developers
