Is CVE-2016-5118 fixed?

Post any defects you find in the released or beta versions of the ImageMagick software here. Include the ImageMagick version, OS, and any command-line required to reproduce the problem. Got a patch for a bug? Post it here.
Post Reply
sam.saffron
Posts: 2
Joined: 2015-09-23T17:45:27-07:00
Authentication code: 1151

Is CVE-2016-5118 fixed?

Post by sam.saffron »

I am trying to determine if http://seclists.org/oss-sec/2016/q2/432 is fixed.

I think I tracked down https://github.com/ImageMagick/ImageMag ... 3b50c2c6b7 that appears to fix this, is this the case?
Top
User avatar
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Is CVE-2016-5118 fixed?

Post by magick »

Pipes are not enabled by default in the latest ImageMagick release. To re-enable this feature, add --enable-pipes to the configure script command-line then build and install ImageMagick.
Top
Post Reply

Return to “Bugs”