1
PublicDateAtUSN: 2015-12-31
2
Candidate: CVE-2015-8895
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8895
6
http://www.openwall.com/lists/oss-security/2015/10/07/2
7
http://www.openwall.com/lists/oss-security/2016/02/22/4
8
https://usn.ubuntu.com/usn/usn-3131-1
10
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows
11
remote attackers to cause a denial of service (application crash) via a
12
crafted length value, which triggers a buffer overflow.
15
mdeslaur> This is 0095-Fix-multiple-out-of-bound-problem.patch
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806441
18
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
24
upstream: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
25
upstream_imagemagick: released (8:6.8.9.9-7)
26
precise_imagemagick: released (8:6.6.9.7-5ubuntu3.5)
27
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.2)
28
vivid/stable-phone-overlay_imagemagick: DNE
29
vivid/ubuntu-core_imagemagick: DNE
30
wily_imagemagick: ignored (reached end-of-life)
31
xenial_imagemagick: not-affected (8:6.8.9.9-7ubuntu5)
32
yakkety_imagemagick: not-affected (8:6.8.9.9-7ubuntu8)
33
devel_imagemagick: not-affected (8:6.8.9.9-7ubuntu9)