Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 20 Oct 2016 01:28:09 -0400 (EDT)
From: cve-assign@...re.org
To: ago@...too.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
> 
> AddressSanitizer failed to allocate 0x99ad49000 bytes of LargeMmapAllocator
> 
> #9 0x7fe5713b3b3b in AcquireMagickMemory ... ImageMagick-7.0.3-0/MagickCore/memory.c:460:10
> 
> https://github.com/ImageMagick/ImageMagick/commit/aea6c6507f55632829e6432f8177a084a57c9fcc

>> coders/rle.c

Use CVE-2016-8862.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYCFVwAAoJEHb/MwWLVhi2mAsP/1YzJifP793z4w614RoTUA7b
jUkA+sQqO1K9QCLbLxu2WQim5i/NUQoA6PndyleVK/xUfBLoluPpgIc+goGJI8GX
IPIas9M30+donfLhxuwvK68rrxxk6F1ISvsSs7ib8vtcb6jPrIuwH1FJurnAwHas
XSEDMSnwO+kad7wKmshC+GnMwyEi5uj2lXjQxxFF0WiwCJB8Stso8ryPSEGFk6cX
3zzPDMlg7q1A76uAU002yKzkHwB6QeYG6QzrewBv0fDNyQ3VgLNQDPw7FTz8yFF2
5A1YfXb5kTodLjzO3ICg/bBGOBctuBueeIay9wNzBIjeXPIHn6cAJkqdHY3UiMSO
ZUXKwqOwbuvnV9HRVaMjraAzY/wGndn6h8lDqfYWs03AdnaL882+iNuDXh5vTX/u
iBT+YQKnx8SGykWOscRAW296WCgJ+xNTU+mEuk/SzjFzxNKRsyeTdcRiJOPzdPHx
5yxxeOdQd4FSYOUL+V29PuLcBivoNI8ZJ+qgsxornsBB/iw+dp9dRQ/i4jGBnamr
IDW0VSjSl09nO1cNKgnOFvcTGZFblWd2b/2FQPbDMrMUnMa4mKq+PkuDC+FAOh90
y5OliXNX9mYrmVUtg1SYxJzaQzbs+eumSOK473tyF3sncYldCyZqS3G1ye8F7+4X
zIVVHtg4Fh4pITfRPJlH
=4WTn
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.