Date: Mon, 15 Nov 2010 12:40:37 -0500 (EST) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE request: ImageMagick opens config files in $CWD ----- "Vincent Danen" <vdanen@...hat.com> wrote: > Noticed this in the Debian BTS. It's been fixed in upstream svn, and > would be a fairly low impact issue. The Debian report has a proof of > concept. > > Could we get a CVE assigned for this issue? Thanks. > > References: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824 > https://bugzilla.redhat.com/show_bug.cgi?id=652860 > Please use CVE-2010-4167. Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.