1
PublicDateAtUSN: 2017-08-23
2
Candidate: CVE-2017-13145
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13145
6
https://usn.ubuntu.com/usn/usn-3681-1
8
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image
9
function in coders/jp2.c does not properly validate the channel geometry,
13
mdeslaur> 0097-Fix-a-crash-in-jp2-codec.patch in unstable
14
mdeslaur> 0084-Fix-a-crash-in-jp2-codec.patch in stretch
16
https://github.com/ImageMagick/ImageMagick/issues/501
17
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830
23
upstream: https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa
24
upstream: https://github.com/ImageMagick/ImageMagick/commit/ac23b02ecb741e5de60f5235ea443790c88a0b80
25
upstream: https://github.com/ImageMagick/ImageMagick/commit/b0c5222ce31e8f941fa02ff9c7a040fb2db30dbc
26
upstream_imagemagick: released (8:6.9.7.4+dfsg-13)
27
precise/esm_imagemagick: DNE
28
trusty_imagemagick: not-affected (code not present)
29
vivid/ubuntu-core_imagemagick: DNE
30
xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.11)
31
zesty_imagemagick: ignored (reached end-of-life)
32
artful_imagemagick: not-affected (8:6.9.7.4+dfsg-16ubuntu2)
33
bionic_imagemagick: not-affected (8:6.9.7.4+dfsg-16ubuntu2)
34
devel_imagemagick: not-affected (8:6.9.7.4+dfsg-16ubuntu2)