Date: Mon, 14 Nov 2016 18:45:41 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 214514] security/vuxml: Multiple security vulnerabilities in ImageMagick7 Message-ID: <bug-214514-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214514 Bug ID: 214514 Summary: security/vuxml: Multiple security vulnerabilities in ImageMagick7 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: needs-patch, security Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: ports-secteam@FreeBSD.org Reporter: vlad-fbsd@acheronmedia.com Blocks: 214511 Flags: maintainer-feedback?(ports-secteam@FreeBSD.org) Assignee: ports-secteam@FreeBSD.org There are currently several known security vulnerabilities in ImageMagick 7, one of which is still without a fix. VuXML entry patch pending, I'm waiting= for latest CVE assignment, and compiling a list of issues. * Heap overflow (CVE pending) https://github.com/ImageMagick/ImageMagick/issues/296 * Incomplete fix for CVE-2016-8862 (CVE-2016-8866) =20 https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failu= re-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/ * Memory allocation failure (CVE-2016-8862) =20 https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failu= re-in-acquiremagickmemory-memory-c/ Referenced Bugs: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214511 [Bug 214511] graphics/ImageMagick7: Update to 7.0.3-6 (security fixes) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-214514-13>