oss-sec mailing list archives

CVE Request: ImageMagick

From: Seth Arnold <seth.arnold () canonical com>
Date: Tue, 6 Oct 2015 21:38:11 -0700

Hello MITRE, all,

Moshe Kaplan has reported three flaws in ImageMagick to the Ubuntu
bugtracker and ImageMagick upstream.

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
Reportedly fixed with:
https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362
Reportedly fixed with:
https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803
Fix unknown.

The bugs include stacktraces and reproducer inputs.

Please assign CVEs as appropriate.

Thanks

Attachment: signature.asc
Description: Digital signature

Current thread:

CVE Request: ImageMagick Seth Arnold (Oct 06)
- Re: CVE Request: ImageMagick Stefan Cornelius (Oct 08)