Date: Fri, 12 Nov 2010 18:30:12 -0700 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE request: ImageMagick opens config files in $CWD Noticed this in the Debian BTS. It's been fixed in upstream svn, and would be a fairly low impact issue. The Debian report has a proof of concept. Could we get a CVE assigned for this issue? Thanks. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824 https://bugzilla.redhat.com/show_bug.cgi?id=652860 -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.