Bug 1111068 - (CVE-2018-18023) VUL-1: CVE-2018-18023: GraphicsMagick,ImageMagick: heap-based buffer over-read in the SVGStripString function of coders/svg.c
(CVE-2018-18023)
VUL-1: CVE-2018-18023: GraphicsMagick,ImageMagick: heap-based buffer over-rea...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Petr Gajdos
Security Team bot
https://smash.suse.de/issue/216251/
CVSSv3:SUSE:CVE-2018-18023:4.4:(AV:L...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-10-08 13:18 UTC by Karol Babioch
Modified: 2018-10-10 09:58 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Karol Babioch 2018-10-10 09:58:59 UTC
We are not affected by this, since the vulnerable code was only introduced with upstream commit 578a60bd37051326d59ef656145dd2780693caac, which first appeared in "7.0.8-2". We only ship version older than this.