We are affectés by another buffer overflow that upstream call 1947... Will add patch soon
I am really confused Le 28 févr. 2014 11:20, "Bastien ROUCARIES" < roucaries.bastien+imagemag...@gmail.com> a écrit : > We are not affected by CVE-2014-1947: but by CVE-2014-2030 > > On Thu, Feb 27, 2014 at 2:45 PM, Moritz Muehlenhoff <j...@inutil.org> > wrote: > > Package: imagemagick > > Severity: grave > > Tags: security > > Justification: user security hole > > > > The CVE assignments are a bit tricky, please see > http://www.openwall.com/lists/oss-security/2014/02/12/2 > > for the thread on oss-security. > > > > CVE-2014-1958 > > http://trac.imagemagick.org/changeset/14801 > > > > CVE-2014-1947: > > http://trac.imagemagick.org/changeset/13736 > > > > Cheers, > > Moritz > > >
