[Buildroot] [PATCH] imagemagick: add upstream security fix for CVE-2017-7606
Peter Korsgaard
peter at korsgaard.com
Wed Apr 26 07:12:00 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> This is not yet part of any release.
> coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of
> representable values of type unsigned char" undefined behavior issue, which
> might allow remote attackers to cause a denial of service (application
> crash) or possibly have unspecified other impact via a crafted image.
> For more details, see:
> https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list