| Message ID | 20221019182334.2280837-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/imagemagick: security bump to version 7.1.0-51 | expand |
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > Fix CVE-2022-3213: A heap buffer overflow issue was found in > ImageMagick. When an application processes a malformed TIFF file, it > could lead to undefined behavior or a crash causing a denial of > service. > https://github.com/ImageMagick/Website/blob/main/ChangeLog.md > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed, thanks.
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > Fix CVE-2022-3213: A heap buffer overflow issue was found in > ImageMagick. When an application processes a malformed TIFF file, it > could lead to undefined behavior or a crash causing a denial of > service. > https://github.com/ImageMagick/Website/blob/main/ChangeLog.md > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed to 2022.08.x and 2022.02.x, thanks.
diff --git a/package/imagemagick/imagemagick.hash b/package/imagemagick/imagemagick.hash index ff0f3e26c6..8988dad5da 100644 --- a/package/imagemagick/imagemagick.hash +++ b/package/imagemagick/imagemagick.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 3df6ca6dff15a4e8a20b4593c60285a59e38890440494d91a344e5c0e2bb3eec imagemagick-7.1.0-45.tar.gz +sha256 4333ef2fe63f2510988af82b726f5b1919ebd54037ea6674566c69fcceb67e11 imagemagick-7.1.0-51.tar.gz sha256 8cceeb67d4e783cb63075c7311fdb990fa0369ee80fbd0f481064cd02386ca2d LICENSE diff --git a/package/imagemagick/imagemagick.mk b/package/imagemagick/imagemagick.mk index 893606ff01..6bdf24c1e8 100644 --- a/package/imagemagick/imagemagick.mk +++ b/package/imagemagick/imagemagick.mk @@ -4,7 +4,7 @@ # ################################################################################ -IMAGEMAGICK_VERSION = 7.1.0-45 +IMAGEMAGICK_VERSION = 7.1.0-51 IMAGEMAGICK_SITE = $(call github,ImageMagick,ImageMagick,$(IMAGEMAGICK_VERSION)) IMAGEMAGICK_LICENSE = Apache-2.0 IMAGEMAGICK_LICENSE_FILES = LICENSE
Fix CVE-2022-3213: A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service. https://github.com/ImageMagick/Website/blob/main/ChangeLog.md Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- package/imagemagick/imagemagick.hash | 2 +- package/imagemagick/imagemagick.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)