On Mon, Aug 27, 2012 at 11:14 AM, Bastien ROUCARIES <[email protected]> wrote: > On Sun, Aug 26, 2012 at 4:41 PM, Florian Weimer <[email protected]> wrote: >> * Willi Mann: >> >>> I'd like to make you aware of this imagemagick (IM) bug, which could >>> be used to conduct a DoS attack against web applications using IM as a >>> library. Note that stable is not affected, the bug only applies to >>> current testing/unstable. However, other distributions shipping newer >>> IM versions in their release versions could also be affected. >> >> I'm not sure if this is a security issue. Is it necessary that the >> image is crafted in a particular way? >> >> Could you please backport this change: >> >> http://trac.imagemagick.org/changeset?reponame=&new=8762%40ImageMagick%2Ftrunk%2FMagickCore%2Fcache-view.c&old=8759%40ImageMagick%2Ftrunk%2FMagickCore%2Fcache-view.c >> >> , upload to unstable, and request a freeze exception from the release >> team? Thanks. > > Will do today in fact. Notice that problem is larger see > http://trac.imagemagick.org/changeset/8762, we could hit this assert > during resizing
I have just uploader under mentor. could you please test ? Vincent could you upload please to unstable ? Thanks > Bastien -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
