[[ImageMagick]] > [[Yahoobleed]] (CVE-2017-9098) - https://security-tracker.debian.org/tracker/CVE-2017-9098 - http://blog.blackducksoftware.com/yahoobleed-forces-retirement-of-imagemagick-cve-2017-9098 - 米Yahoo!、メール添付画像流出の脆弱性に対処 「ImageMagick」は引退 -- http://www.itmedia.co.jp/enterprise/articles/1705/23/news070.html - *bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images -- https://scarybeastsecurity.blogspot.jp/2017/05/bleed-continues-18-byte-file-14k-bounty.html * RLE [#k3a9861b] - Reset memory for RLE decoder (patch provided by scarybeasts) -- http://git.imagemagick.org/repos/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b - [[URT]] (Utah Raster Toolkit) * パッケージ [#f1b8551c] - USN-3302-1: ImageMagick vulnerabilities -- https://www.ubuntu.com/usn/usn-3302-1/ * その他 [#etc] - ImageMagick-6.9.7-4差分 (7 系同時リリースは ImageMagick-7.0.4-4) -- http://d.hatena.ne.jp/yoya/20170305/im |