Bug 222621
| Summary: | security/vuxml: Security Vulnerability in ImageMagick (CVE-2017-14741) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | VK <vlad-fbsd> | ||||
| Component: | Individual Port(s) | Assignee: | Ports Security Team <ports-secteam> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Some People | CC: | kwm, swills | ||||
| Priority: | --- | Keywords: | patch, security | ||||
| Version: | Latest | Flags: | bugzilla:
maintainer-feedback?
(ports-secteam) |
||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14741 | ||||||
| Attachments: |
|
||||||
Committed in r450758. Thanks! |
Created attachment 186737 [details] Document CVE-2017-14741 The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file. However, since upstream contains a commit for the ImageMagick-6 branch (which hasn't been tagged for update) as well, I'm adding it too.