Summary: | security/vuxml: Security Vulnerability in ImageMagick (CVE-2017-14741) | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | VK <vlad-fbsd> | ||||
Component: | Individual Port(s) | Assignee: | Ports Security Team <ports-secteam> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Some People | CC: | kwm, swills | ||||
Priority: | --- | Keywords: | patch, security | ||||
Version: | Latest | Flags: | bugzilla:
maintainer-feedback?
(ports-secteam) |
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14741 | ||||||
Attachments: |
|
Committed in r450758. Thanks! |
Created attachment 186737 [details] Document CVE-2017-14741 The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file. However, since upstream contains a commit for the ImageMagick-6 branch (which hasn't been tagged for update) as well, I'm adding it too.