Date: Wed, 11 May 2016 20:36:56 -0700
From: David Chan <david@...anm.com>
To: oss-security@...ts.openwall.com
Subject: Re: GraphicsMagick Response To "ImageTragick"

On 5/9/2016 12:03 PM, John Lightsey wrote:
> On Mon, 2016-05-09 at 18:20 +0100, Simon McVittie wrote:
>> On Mon, 09 May 2016 at 08:29:40 -0500, Bob Friesenhahn wrote:
> 
> 
> The "man" attack vector needs the same determination.
> 
> It is similar to CVE-2016-3717 in impact, but uses a different
> codepath. The existing fixes for CVE-2016-3717 do not address it.
> 

The patch which fixes the gplt vector also fixes a related vector in gs.
The lack of -dSAFER when invoking Ghostscript allows for arbitrary
file read/write. Sander Bos noticed that ImageMagick isn't affected
by this bug. Given that the -dSAFER bug is specific to GraphicsMagick,
I think a separate CVE should be assigned.

David
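An added example, not part of the original message and not GraphicsMagick's own code: a Python audit that flags Ghostscript invocations lacking -dSAFER, the condition described in the message above. It assumes the command lines are kept in a delegates.mgk-style file of `<delegate ... command='...' />` entries; the sample entries, delegate names and function names are constructed for illustration.

```python
import html
import re
import shlex

# Constructed sample in the style of a delegates file (not copied from any release).
SAMPLE = '''
<delegate decode="ps-color" command='"gs" -q -dBATCH -dNOPAUSE -sDEVICE=pnmraw "-sOutputFile=%s" -- "%s"' />
<delegate decode="ps-mono" command='"gs" -q -dBATCH -dSAFER -dNOPAUSE -sDEVICE=pbmraw "-sOutputFile=%s" -- "%s"' />
<delegate decode="ps-wrap" command='/bin/sh -c "gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile=%o %i"' />
<delegate decode="viewer" command='"xdg-open" "%s"' />
'''

DELEGATE_RE = re.compile(r"<delegate\b(?P<attrs>.*?)/>", re.S)
ATTR_RE = re.compile(r"""(\w[\w-]*)\s*=\s*(?:'([^']*)'|"([^"]*)")""")
GS_NAMES = {"gs", "gswin32c", "gswin64c"}  # Ghostscript console binaries

def is_gs(token):
    """True if the token's basename is a Ghostscript executable."""
    name = re.split(r"[\\/]", token)[-1].lower()
    return re.sub(r"\.exe$", "", name) in GS_NAMES

def flatten(command):
    """Tokenise a command line, re-splitting nested strings such as sh -c "..."."""
    try:
        tokens = shlex.split(command)
    except ValueError:  # unbalanced quotes: fall back to a whitespace split
        tokens = command.split()
    out = []
    for tok in tokens:
        out.extend(flatten(tok) if re.search(r"\s", tok) else [tok])
    return out

def audit(text):
    """Return [(delegate_name, verdict)] for each delegate that runs Ghostscript."""
    findings = []
    for m in DELEGATE_RE.finditer(text):
        attrs = {k: html.unescape(a or b) for k, a, b in ATTR_RE.findall(m.group("attrs"))}
        tokens = flatten(attrs.get("command", ""))
        if not any(is_gs(t) for t in tokens):
            continue  # delegate does not invoke Ghostscript
        if "-dNOSAFER" in tokens:
            verdict = "explicit -dNOSAFER"
        elif "-dSAFER" in tokens:
            verdict = "ok"
        else:
            verdict = "missing -dSAFER"
        findings.append((attrs.get("decode") or attrs.get("encode") or "?", verdict))
    return findings
```

Entries reported as anything other than "ok" are the ones to review before the converter is exposed to untrusted PostScript or PDF input.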
