1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
PublicDateAtUSN: 2015-12-31
Candidate: CVE-2015-8898
PublicDate: 2017-03-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8898
https://github.com/ImageMagick/ImageMagick/pull/34
http://www.ubuntu.com/usn/usn-3131-1
Description:
The WriteImages function in magick/constitute.c in ImageMagick before
6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer
dereference) via a crafted image file.
Ubuntu-Description:
Notes:
mdeslaur> This is 0071-Prevent-null-pointer-access-in-magick-constitute.c.patch
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_imagemagick:
upstream: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44
upstream_imagemagick: released (8:6.8.9.9-7)
precise_imagemagick: released (8:6.6.9.7-5ubuntu3.5)
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.2)
vivid/stable-phone-overlay_imagemagick: DNE
vivid/ubuntu-core_imagemagick: DNE
wily_imagemagick: ignored (reached end-of-life)
xenial_imagemagick: not-affected (8:6.8.9.9-7ubuntu5)
yakkety_imagemagick: not-affected (8:6.8.9.9-7ubuntu8)
devel_imagemagick: not-affected (8:6.8.9.9-7ubuntu9)
|