oss-sec mailing list archives
Re: Request cve for imagemagick security problem (DOS)
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 29 Oct 2014 21:05:18 +0100
Am Wed, 29 Oct 2014 16:17:09 +0100 schrieb Bastien ROUCARIES <roucaries.bastien () gmail com>:
Version 6.8.9.9 and more recent are fixed.
This imagemagick release fixes also three issues I detected via zzuf+asan. I haven't found the time yet to write proper disclosures yet: Out-of-bound memory error in resize code is CVE-2014-8354 Out-of-bound memory error in PCX decoder is CVE-2014-8355 Out-of-bound memory error in DCM decode has no CVE yet (if CVE assigners read this they may assign one). -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
signature.asc
Description:
Current thread:
- Request cve for imagemagick security problem (DOS) Bastien ROUCARIES (Oct 29)
- Re: Request cve for imagemagick security problem (DOS) Hanno Böck (Oct 29)
- Re: Request cve for imagemagick security problem cve-assign (Oct 30)
- Re: Request cve for imagemagick security problem (DOS) Hanno Böck (Oct 29)