Bugzilla – Bug 1016596
VUL-0: imagemagick: mat file out of bound
Last modified: 2017-04-15 10:42:58 UTC
Ref: http://seclists.org/oss-sec/2016/q4/713 ============================================== Debian bug: https://bugs.debian.org/845246 Reference URL: https://security-tracker.debian.org/845246 Upstream commit: - https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455 - https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25 Upstream issue: https://github.com/ImageMagick/ImageMagick/issues/131 Upstream version fixed: 6.9.4-0 Commits against 6 branch, unknown if fixed or relevant on 7 branch. ==============================================
bugbot adjusting priority
An allocation for a number of (unsigned char) is made but in worst case a number of (double) seems to be required for MAT images. ImageMagick [affected] SLE-12:Update in coders/mat.c:874 [affected] SLE-11:Update in coders/mat.c:819 [affected] openSUSE:13.2:Update in coders/mat.c:879 GraphicsMagick [affected] SLE-11:Update in coders/mat.c:687 [affected] openSUSE:42.2:Update in coders/mat.c:556,994 [affected] openSUSE:42.1:Update in coders/mat.c:716 [affected] openSUSE:13.2:Update in coders/mat.c:710
all ImageMagick issues from one oss posting were opened twice *** This bug has been marked as a duplicate of bug 1017326 ***