thr3ads.net - Secure testing team - [Secure-testing-team] Bug#665007: CVE-2012-1185 / CVE-2012-1186: incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248 [Mar 2012]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Giuseppe Iuculano

2012-Mar-22 10:22 UTC

[Secure-testing-team] Bug#665007: CVE-2012-1185 / CVE-2012-1186: incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248

Package: imagemagick
Severity: serious
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

The original fixes for the ImageMagick issues CVE-2012-0247 and
CVE-2012-0248 are incomplete.

Please see:

http://seclists.org/oss-sec/2012/q1/685
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAk9q/WUACgkQNxpp46476arBQgCeLZLei0zKKvxadUhYfFUpLw6f
EF4An30VihPmJDQmyY8MzuOibIoIT5Yx
=mRjI
-----END PGP SIGNATURE-----

Secure testing team - Mar 2012 - Bug#665007: CVE-2012-1185 / CVE-2012-1186: incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248

[Secure-testing-team] Bug#665007: CVE-2012-1185 / CVE-2012-1186: incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248