Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 3 May 2016 18:00:39 -0700
From: Seth Arnold <seth.arnold@...onical.com>
To: Brandon Dees <brandon@...tta.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: ImageMagick Is On Fire -- CVE-2016-3714

On Wed, May 04, 2016 at 12:05:16AM +0000, Brandon Dees wrote:
> is it appropriate to ask if the same issues are present in GraphicsMagick
> as well?

I haven't investigated deeply but it seems very plausible to me:
Here's the delegates.xml work-alike:
https://sourceforge.net/p/graphicsmagick/code/ci/default/tree/config/delegates.mgk.in

This appears to be executed via:
https://sourceforge.net/p/graphicsmagick/code/ci/default/tree/magick/delegate.c
which tries to escape arguments using UnixShellTextEscape(). This function
appears to replace \`"$ chars with backslash-escaped versions. I'm not
sure this is a safe mechanism either.

Thanks

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ