oss-sec mailing list archives
Re: ImageMagick Is On Fire -- CVE-2016-3714
From: Seth Arnold <seth.arnold () canonical com>
Date: Tue, 3 May 2016 18:00:39 -0700
On Wed, May 04, 2016 at 12:05:16AM +0000, Brandon Dees wrote:
is it appropriate to ask if the same issues are present in GraphicsMagick as well?
I haven't investigated deeply but it seems very plausible to me: Here's the delegates.xml work-alike: https://sourceforge.net/p/graphicsmagick/code/ci/default/tree/config/delegates.mgk.in This appears to be executed via: https://sourceforge.net/p/graphicsmagick/code/ci/default/tree/magick/delegate.c which tries to escape arguments using UnixShellTextEscape(). This function appears to replace \`"$ chars with backslash-escaped versions. I'm not sure this is a safe mechanism either. Thanks
Attachment:
signature.asc
Description:
Current thread:
- ImageMagick Is On Fire -- CVE-2016-3714 Ryan Huber (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Solar Designer (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Karim Valiev (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Seth Arnold (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Tim (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Brandon Dees (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Seth Arnold (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Bob Friesenhahn (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Seth Arnold (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Karim Valiev (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Solar Designer (May 03)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Bob Friesenhahn (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Jeremy Stanley (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Bob Friesenhahn (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Kurt Seifried (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Simon McVittie (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Bob Friesenhahn (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 John Lightsey (May 19)
- Re: ImageMagick Is On Fire -- CVE-2016-3714 Bob Friesenhahn (May 20)