Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 31 May 2016 11:09:44 +0200
From: Stefan Cornelius <>
To: Bob Friesenhahn <>
Subject: Re: Security issues addressed in GraphicsMagick SVG

On Fri, 27 May 2016 09:37:38 -0500 (CDT)
Bob Friesenhahn <> wrote:

> ===========================================
> SVG Security Improvements in GraphicsMagick
> ===========================================
> This is a summary of security improvements made to development
> GraphicsMagick's SVG reader since the 1.3.23 release.  These
> improvements were made in response to fuzz testing by Gustavo Grieco
> (using Quickfuzz) which and which resulted in CVE-2016-2317 and
> CVE-2016-2318.  We are thankful that Gustavo has been willing to
> continue fuzz testing as improvements have been made.


I'm curious, are these the CVEs for the issues that still have an
outstanding CVE request at - or
are they completely unrelated?

(If they are indeed the same/related, can you give more details about
the exact mapping?)

Stefan Cornelius / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ