Thanks for the bug report.
I used the proof-of-concept image for CVE-2008-1096 to try and reproduce
it with hardy and intrepid, but the following code in coders/xcf.c
protects against it:
if (nmemb_read_successfully > (ssize_t) (tile_image->columns*tile_image->rows
))
ThrowBinaryException(CorruptImageError,"NotEnoughPixelData",image->filename);
I released updates today for Dapper and Gutsy.
I'm closing this bug. If you think Hardy and Intrepid are still
vulnerable, please do not hesitate to re-open it.
** Changed in: imagemagick (Ubuntu)
Status: New => Fix Released
--
CVE-2008-1096
https://bugs.launchpad.net/bugs/302102
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
