Bug#872481: marked as done (imagemagick: CVE-2017-12433)

Debian Bug Tracking System Thu, 08 Feb 2018 04:36:27 -0800

Your message dated Thu, 8 Feb 2018 13:31:57 +0100
with message-id 
<cae2spabzrfsk2uwa+bs7zacvnrgds7fnky8zo_emn6mtq7s...@mail.gmail.com>
and subject line Close
has caused the Debian Bug report #872481,
regarding imagemagick: CVE-2017-12433
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
872481: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872481
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: imagemagick
Version: 8:6.9.7.4+dfsg-16
Severity: grave
Tags: security
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/548

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-12433[0]:
| In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the
| function ReadPESImage in coders/pes.c, which allows attackers to cause
| a denial of service, related to ResizeMagickMemory in memory.c.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-12433
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12433
[1] https://github.com/ImageMagick/ImageMagick/issues/548

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.12.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

--- End Message ---

--- Begin Message ---
version: 8:6.9.9.6+dfsg-1
--- End Message ---

Bug#872481: marked as done (imagemagick: CVE-2017-12433)

Reply via email to