Source: imagemagick Version: 8:6.9.11.60+dfsg-1.6 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: fixed -1 8:6.9.12.20+dfsg1-1
Hi, The following vulnerability was published for imagemagick. CVE-2021-3610[0]: | A heap-based buffer overflow vulnerability was found in ImageMagick in | versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This | issue is due to an incorrect setting of the pixel array size, which | can lead to a crash and segmentation fault. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3610 https://www.cve.org/CVERecord?id=CVE-2021-3610 Please adjust the affected versions in the BTS as needed. Regards, Salvatore