← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2017-14249

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
active/CVE-2017-14249
1
 
PublicDateAtUSN: 2017-09-11
2
 
Candidate: CVE-2017-14249
3
 
PublicDate: 2017-09-11
4
 
References:
5
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14249
6
 
 https://usn.ubuntu.com/usn/usn-3681-1
7
 
Description:
8
 
 ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in
9
 
 coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in
10
 
 MagickCore/cache.c, allowing remote attackers to cause a denial of service
11
 
 via a crafted file.
12
 
Ubuntu-Description:
13
 
Notes:
14
 
 mdeslaur> 0317-CVE-2017-14249-Fix-DoS-missing-EOF-check-in-ReadMPCImage.patch in wheezy
15
 
Bugs:
16
 
 https://github.com/ImageMagick/ImageMagick/issues/708
17
 
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876099
18
 
Priority: low
19
 
Discovered-by:
20
 
Assigned-to:
21
 
 
22
 
Patches_imagemagick:
23
 
 upstream: https://github.com/ImageMagick/ImageMagick/commit/66112b7a7b64f688efe6fec53a829874a74dea04
24
 
upstream_imagemagick: released (8:6.9.9.34+dfsg-3)
25
 
precise/esm_imagemagick: DNE
26
 
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.11)
27
 
vivid/ubuntu-core_imagemagick: DNE
28
 
xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.11)
29
 
zesty_imagemagick: ignored (reached end-of-life)
30
 
artful_imagemagick: released (8:6.9.7.4+dfsg-16ubuntu2.2)
31
 
bionic_imagemagick: released (8:6.9.7.4+dfsg-16ubuntu6.2)
32
 
devel_imagemagick: needed