Date: Thu, 12 Aug 2004 14:20:51 +0400 From: Andrey Chernov <ache@nagual.pp.ru> To: Oliver Eikemeier <eikemeier@fillmore-labs.com> Cc: security@FreeBSD.ORG Subject: Re: False vuxml alarms (ImageMagick) Message-ID: <20040812102051.GA92918@nagual.pp.ru> In-Reply-To: <E7492754-EC47-11D8-887A-00039312D914@fillmore-labs.com> References: <20040812094655.GB89851@nagual.pp.ru> <E7492754-EC47-11D8-887A-00039312D914@fillmore-labs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 12, 2004 at 12:10:57PM +0200, Oliver Eikemeier wrote: > The vulnerability database is open for every committer to commit to. But > before changing the entry: what makes you believe version 6.0.2.7 is not > vulnerable? http://www.imagemagick.org/www/Changelog.html seems to be a > good indicator that it is... Do you mean vuln.xml corresponding entry (ImageMagick) should be removed? I mean this part printed, it is wrong: >>>>>libpng stack-based buffer overflow and other code concerns. >>> Reference: >>><http://www.FreeBSD.org/ports/portaudit/f9e3e60b-e650-11d8-9b0a-000347a4fa7d. >>>html> because libpng is already fixed. -- Andrey Chernov | http://ache.pp.ru/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040812102051.GA92918>