GNU bug report logs - #47418
imagemagick is vulnerable to CVE-2020-27829

Previous Next

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Fri, 26 Mar 2021 19:53:02 UTC

Severity: normal

Tags: security

Done: Mark H Weaver <mhw <at> netris.org>

Bug is archived. No further changes may be made.

Full log

Message #22 received at 47418 <at> debbugs.gnu.org (full text, mbox):

From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: Mark H Weaver <mhw <at> netris.org>, 47418 <at> debbugs.gnu.org
Subject: Re: bug#47418: [PATCH] gnu: imagemagick: Fix CVE-2020-27829.
Date: Sat, 27 Mar 2021 14:30:53 +0100

[Message part 1 (text/plain, inline)]

On Sat, 2021-03-27 at 09:27 -0400, Mark H Weaver wrote:
> Your patch looks good to me, but I've just posted an alternative
> patch
> set to 'guix-devel' which should enable us to keep ImageMagick
> up-to-date without grafting, and which fixes this security flaw and
> more.
> 
>   https://lists.gnu.org/archive/html/guix-devel/2021-03/msg00538.html
> 
> It's not a big deal, but if you push your patch now, I would need to
> rebase the patch set on top of it.
> 
>       Mark

Thank you, let's get your better patch in then close this.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 4 years and 107 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #47418 imagemagick is vulnerable to CVE-2020-27829

GNU bug report logs - #47418
imagemagick is vulnerable to CVE-2020-27829