Bug 1017306

Summary: VUL-0: CVE-2014-9915: ImageMagick: Off-by-one count when parsing an 8BIM profile
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Petr Gajdos <pgajdos>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P3 - Medium CC: matthias.gerstner
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv2:SUSE:CVE-2014-9915:5.8:(AV:N/AC:M/Au:N/C:N/I:P/A:P) CVSSv2:NVD:CVE-2014-9915:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv3:RedHat:CVE-2014-9915:3.3:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Johannes Segitz 2016-12-27 09:06:37 UTC
Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767240
Reference URL: https://security-tracker.debian.org/767240
Upstream commit: N/A
Upstream issue: N/A
Upstream version fixed: 6.8.9-9

Use CVE-2014-9915. The scope of this CVE is only the "Off-by-one count
when parsing an 8BIM profile" issue, not the entirety of
Comment 1 Swamp Workflow Management 2016-12-27 23:00:15 UTC
bugbot adjusting priority
Comment 2 Johannes Segitz 2016-12-28 11:19:51 UTC
all ImageMagick issues from one oss posting were opened twice

*** This bug has been marked as a duplicate of bug 1016575 ***