1
PublicDateAtUSN: 2015-12-31
2
Candidate: CVE-2015-8897
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8897
6
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
7
https://usn.ubuntu.com/usn/usn-3131-1
9
The SpliceImage function in MagickCore/transform.c in ImageMagick before
10
6.9.2-4 allows remote attackers to cause a denial of service (application
11
crash) via a crafted png file.
14
mdeslaur> This is 0072-Fixed-out-of-bounds-error-in-SpliceImage.patch
21
upstream: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231
22
upstream_imagemagick: released (8:6.8.9.9-7)
23
precise_imagemagick: released (8:6.6.9.7-5ubuntu3.5)
24
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.2)
25
vivid/stable-phone-overlay_imagemagick: DNE
26
vivid/ubuntu-core_imagemagick: DNE
27
wily_imagemagick: ignored (reached end-of-life)
28
xenial_imagemagick: not-affected (8:6.8.9.9-7ubuntu5)
29
yakkety_imagemagick: not-affected (8:6.8.9.9-7ubuntu8)
30
devel_imagemagick: not-affected (8:6.8.9.9-7ubuntu9)