[Buildroot] [PATCH] package/imagemagick: security bump to version 7.0.8-42

Peter Korsgaard peter at korsgaard.com
Tue Apr 30 11:19:15 UTC 2019


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issues:
 > - CVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer
 >   overflow in the function PopHexPixel of coders/ps.c, which allows an
 >   attacker to cause a denial of service or code execution via a crafted
 >   image file.

 > - CVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer
 >   over-read in the function WriteTIFFImage of coders/tiff.c, which allows an
 >   attacker to cause a denial of service or information disclosure via a
 >   crafted image file.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list