[Secure-testing-team] Bug#862967: imagemagick: use of uninitialized memory in RLE decoder
Salvatore Bonaccorso
carnil at debian.org
Fri May 19 12:15:28 UTC 2017
Source: imagemagick
Version: 8:6.9.7.4+dfsg-8
Severity: grave
Tags: security upstream patch
Hi

See
https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
for details, which has been addressed via
https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b

Regards,
Salvatore