[Bug 214514] security/vuxml: Multiple security vulnerabilities in ImageMagick7
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Nov 14 18:45:42 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214514
Bug ID: 214514
Summary: security/vuxml: Multiple security vulnerabilities in
ImageMagick7
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Keywords: needs-patch, security
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: ports-secteam at FreeBSD.org
Reporter: vlad-fbsd at acheronmedia.com
Blocks: 214511
Flags: maintainer-feedback?(ports-secteam at FreeBSD.org)
Assignee: ports-secteam at FreeBSD.org
There are currently several known security vulnerabilities in ImageMagick 7,
one of which is still without a fix. VuXML entry patch pending, I'm waiting for
latest CVE assignment, and compiling a list of issues.
* Heap overflow (CVE pending)
https://github.com/ImageMagick/ImageMagick/issues/296
* Incomplete fix for CVE-2016-8862 (CVE-2016-8866)
https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/
* Memory allocation failure (CVE-2016-8862)
https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
Referenced Bugs:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214511
[Bug 214511] graphics/ImageMagick7: Update to 7.0.3-6 (security fixes)
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list