Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <87fuwkmj7e.fsf@prune.linuxpenguins.xyz>
Date: Tue, 23 Feb 2016 10:14:13 +1100
From: Brian May <brian@...uxpenguins.xyz>
To: oss security list <oss-security@...ts.openwall.com>
Subject: imagemagick: request for CVEs

Hello,

Debian has been tracking a number of security issues in imagemagick, and
as a Debian-LTS maintainer I have been advised to try to obtain CVEs for
these issue. On investigation some of these issues have already had CVE
requests however as far as I can tell, CVEs were not assigned (apologies
if I missed something), and I am not sure why.

As there are no CVEs allocated, I have used the temp ids given by Debian
for now.

https://security-tracker.debian.org/tracker/source-package/imagemagick



TEMP-0773834-5EB6CF: multiple vulnerabilities found by Google

CVE was already requested here:
http://www.openwall.com/lists/oss-security/2014/12/24/1



TEMP-0806441-76CD60: Integer and Buffer overflow in coders/icon.c

CVE was already requested here:
http://www.openwall.com/lists/oss-security/2015/10/07/2



TEMP-0806441-CB092C: Double free in coders/pict.c:2000

CVE was already requested here:
http://www.openwall.com/lists/oss-security/2015/10/07/2



TEMP-0811308-B63DA1 is multiple issues; each should have its own
CVE. Not sure if the momory leaks or the "PixelColor off by one" are
security issues, have included them here for sake of being complete:


  - Memory Leaks
    http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28791
    Upstream fix: https://github.com/ImageMagick/ImageMagick/commit/9043f3d1fb76c8f4f158d75dc6e2455c43d2f1de



  - Out of bounds error in SpliceImage
    http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
    Upstream fix: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231



  - Prevent null pointer access in magick/constitute.c
    https://github.com/ImageMagick/ImageMagick/pull/34
    Upstream fix: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44



  - PixelColor off by one on i386
    https://github.com/ImageMagick/ImageMagick/issues/54
    Upstream fix:
    https://github.com/ImageMagick/ImageMagick/commit/8f424002488d9f5ece29228d8ede0e39d838f38b
    https://github.com/ImageMagick/ImageMagick/commit/0e560d16873c166005eeb79bcca13b9f74177732
    https://github.com/ImageMagick/ImageMagick/commit/95c8394eaacc8c2f272177269416daf0b2ba004f
    


  - Fixed memory leak when reading incorrect PSD files
    Upstream fix: https://github.com/ImageMagick/ImageMagick/commit/bd9f1e7d1bd2c8e2cf7895d133c5c5b5cd3526b6


Regards
-- 
Brian May <brian@...uxpenguins.xyz>
https://linuxpenguins.xyz/brian/

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.