Top > Yahoobleed
[[ImageMagick]] > [[Yahoobleed]] (CVE-2017-9098)

- https://security-tracker.debian.org/tracker/CVE-2017-9098
- http://blog.blackducksoftware.com/yahoobleed-forces-retirement-of-imagemagick-cve-2017-9098

- 米Yahoo!、メール添付画像流出の脆弱性に対処 「ImageMagick」は引退
--  http://www.itmedia.co.jp/enterprise/articles/1705/23/news070.html

- *bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images
--  https://scarybeastsecurity.blogspot.jp/2017/05/bleed-continues-18-byte-file-14k-bounty.html

- 「さようなら ImageMagick」の考察
--  [https://qiita.com/yoya/items/2076c1f5137d4041e3aa#%E3%82%AF%E3%83%AA%E3%83%86%E3%82%A3%E3%82%AB%E3%83%AB%E3%83%92%E3%83%83%E3%83%882-yahoobleed-cve-2017-9098 https://qiita.com/yoya/items/2076c1f5137d4041e3aa#クリティカルヒット(2) Yahoobleed (CVE-2017-9098)]

* RLE [#k3a9861b]

- Reset memory for RLE decoder (patch provided by scarybeasts)
--
  http://git.imagemagick.org/repos/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b

- [[URT]] (Utah Raster Toolkit)

* パッケージ [#f1b8551c]

- USN-3302-1: ImageMagick vulnerabilities
-- https://www.ubuntu.com/usn/usn-3302-1/

* その他 [#etc]

- ImageMagick-6.9.7-4差分 (7 系同時リリースは ImageMagick-7.0.4-4)
--  http://d.hatena.ne.jp/yoya/20170305/im
Reload   Diff   Front page List of pages Search Recent changes Backup Referer   Help   RSS of recent changes