Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 17 Jul 2017 06:34:56 +0200
From: Salvatore Bonaccorso <>
To: OSS Security Mailinglist <>
Subject: ImageMagick: CVE-2017-11352: Improper EOF handling in coders/rle.c
 can trigger crash (Incomplete fix for CVE-2017-9144)


In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a
crash because of incorrect EOF handling in coders/rle.c. This is
caused by an incomplete fix of CVE-2017-9144.

Upstream reference:

Upstream fix (ImageMagick-7):

Upstream fix (ImageMagick-6):

MITRE has assigned CVE-2017-11352 for this issue.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.