1
PublicDateAtUSN: 2018-05-18
2
Candidate: CVE-2017-18273
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18273
6
https://usn.ubuntu.com/usn/usn-3681-1
8
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop
9
vulnerability was found in the function ReadTXTImage in coders/txt.c, which
10
allows attackers to cause a denial of service (CPU exhaustion) via a
11
crafted image file that is mishandled in a GetImageIndexInList call.
14
mdeslaur> CVE-2017-18273.patch in wheezy
16
https://github.com/ImageMagick/ImageMagick/issues/910
23
upstream: https://github.com/ImageMagick/ImageMagick/commit/b8fcb59e9e1d1189caf2e0f5e39346944dcd6b9d
24
upstream_imagemagick: released (8:6.9.9.34+dfsg-3)
25
precise/esm_imagemagick: DNE
26
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.11)
27
xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.11)
28
artful_imagemagick: released (8:6.9.7.4+dfsg-16ubuntu2.2)
29
bionic_imagemagick: released (8:6.9.7.4+dfsg-16ubuntu6.2)
30
devel_imagemagick: needed