Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso <car...@debian.org> control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded: https://github.com/ImageMagick/ImageMagick/issues/509
DOS Because dpx.file.image_offset is a unsigned int, it can be controlled as large as 4294967295. This will cause ImageMagick spend a lot of time to process a crafted DPX imagefile, even if the imagefile is very small. Carnill I suppose they are CVE open but under embargo Bastien