Bugzilla – Bug 991872
VUL-0: CVE-2016-6520: ImageMagick buffer overflow
Last modified: 2016-08-24 16:09:48 UTC
Quoting from OSS-sec: Hi CVE assignemnt team, I would like to request a CVE for a buffer overflow that was found in ImageMagick. You can find the fix in the following commit: https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6 CVE-2016-6520 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6520 http://seclists.org/oss-sec/2016/q3/230
GraphicsMagick seems not to be affected.
I believe all affected code streams are fixed.
This is an autogenerated message for OBS integration: This bug (991872) was mentioned in https://build.opensuse.org/request/show/416993 13.2 / ImageMagick
released
openSUSE-SU-2016:2072-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 991444,991445,991872 CVE References: CVE-2016-5010,CVE-2016-6491,CVE-2016-6520 Sources used: openSUSE 13.2 (src): ImageMagick-6.8.9.8-29.1
SUSE-SU-2016:2075-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 991445,991872 CVE References: CVE-2016-6491,CVE-2016-6520 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): ImageMagick-6.4.3.6-7.48.1 SUSE Linux Enterprise Server 11-SP4 (src): ImageMagick-6.4.3.6-7.48.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): ImageMagick-6.4.3.6-7.48.1
SUSE-SU-2016:2076-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 991444,991445,991872 CVE References: CVE-2016-5010,CVE-2016-6491,CVE-2016-6520 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): ImageMagick-6.8.8.1-33.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): ImageMagick-6.8.8.1-33.1 SUSE Linux Enterprise Server 12-SP1 (src): ImageMagick-6.8.8.1-33.1 SUSE Linux Enterprise Desktop 12-SP1 (src): ImageMagick-6.8.8.1-33.1
openSUSE-SU-2016:2148-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 991444,991445,991872 CVE References: CVE-2016-5010,CVE-2016-6491,CVE-2016-6520 Sources used: openSUSE Leap 42.1 (src): ImageMagick-6.8.8.1-18.2