Bug 11154

Summary: imagemagick - DoS: Memory corruption while processing GIF comments (CVE-2013-4298)
Product: Mageia Reporter: Oden Eriksson <oe>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 2   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/565709/
Whiteboard:
Source RPM: imagemagick CVE:
Status comment:

Description Oden Eriksson 2013-09-04 09:22:39 CEST 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273

The affected code seems to have been added in 6.7.6 (mga2 has 6.7.5) and then removed, so neither mga2, mga3 or cauldron is affected.

Reproducible: 

Steps to Reproduce:
Comment 1 Oden Eriksson 2013-09-04 09:23:40 CEST 
Closing this reference bug.

Status: NEW => RESOLVED
Resolution: (none) => INVALID

Comment 2 David Walser 2013-09-05 05:11:05 CEST 
I had actually looked into this before you filed this and also determined that we're not affected.  Maybe I should have filed a bug like this :o)

URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4298 => http://lwn.net/Vulnerabilities/565709/
Summary: CVE-2013-4298: imagemagick - DoS: Memory corruption while processing GIF comments => imagemagick - DoS: Memory corruption while processing GIF comments (CVE-2013-4298)

Comment 3 Oden Eriksson 2013-09-05 09:37:05 CEST 
(In reply to David Walser from comment #2)
> I had actually looked into this before you filed this and also determined
> that we're not affected.  Maybe I should have filed a bug like this :o)

Yes, it's good for trackability and especially for those with the memory of a gold fish.