[Buildroot] [PATCH] package/imagemagick: security bump to version 7.0.8-42
Peter Korsgaard
peter at korsgaard.com
Wed May 1 20:13:24 UTC 2019
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> - CVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer
> overflow in the function PopHexPixel of coders/ps.c, which allows an
> attacker to cause a denial of service or code execution via a crafted
> image file.
> - CVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer
> over-read in the function WriteTIFFImage of coders/tiff.c, which allows an
> attacker to cause a denial of service or information disclosure via a
> crafted image file.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2019.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list