Package: imagemagick
Version: 8:6.6.0.4-3+squeeze1
Severity: grave
Tags: security
Justification: user security hole
all the programs in the imagemagick package fail when run with ElectricFence
memory debugger.
How to reproduce:
install electric-fence and imagemagicks packages
run:
notfound 668075 8:6.6.9.7-7
severity 668075 normal
thanks
Hello,
Thanks for your report. I don't have the means to reproduce in a
squeeze environment for now, but it doesn't occur anymore in wheezy
(or later).
On what do you base your claim that it is a user security hole ?
While I agree
tag 668075 unreproducible
thanks
Hello again,
I've had the time to play with a squeeze chroot, and the memory
problem you mention isn't detected by either the glibc library or
valgrind. Are you sure this isn't some sort of artifact of
ElectricFence ?
Cheers,
Vincent
--
To
On Sun, 8 Apr 2012, Vincent Fourmond wrote:
tag 668075 unreproducible
thanks
Hello again,
I've had the time to play with a squeeze chroot, and the memory
problem you mention isn't detected by either the glibc library or
valgrind. Are you sure this isn't some sort of artifact of
4 matches
Mail list logo