Legacy ImageMagick Discussions Archive

Use https://github.com/ImageMagick/ImageMagick/discussions instead.
https://imagemagick.com/discourse-server/

statement about CVE-2016-9773

https://imagemagick.com/discourse-server/viewtopic.php?t=31045

Page 1 of 1

statement about CVE-2016-9773

Posted: 2016-12-14T08:24:37-07:00
by broucaries
https://security-tracker.debian.org/tra ... -2016-9773

Does this is a imagemagick 7 only bug ?

Thanks

bastien

Re: statement about CVE-2016-9773

Posted: 2016-12-14T08:53:11-07:00
by magick
Yes, ImageMagick version 7 supports variable pixel channels, version 6 does not. The problem was that the streaming interface allocated 3 channels but the coder might introduce a new channel, e.g. the alpha channel.
All times are UTC-07:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited