[Buildroot] [PATCH] imagemagick: add upstream security fix for CVE-2017-7606

Peter Korsgaard peter at korsgaard.com
Wed Apr 26 07:12:00 UTC 2017


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > This is not yet part of any release.
 > coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of
 > representable values of type unsigned char" undefined behavior issue, which
 > might allow remote attackers to cause a denial of service (application
 > crash) or possibly have unspecified other impact via a crafted image.

 > For more details, see:
 > https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list