Hi,
I'm in the process of configuring Gallery2 on an SL42 environment, and the
following line from their configuration process worries me:
************
Version
ImageMagick 6.0.7
Warning: This version of ImageMagick has a known vulnerability that can be
exploited to cause infinite loops. You may wish to upgrade. This determination
may be inaccurate for Debian.
************
They reference the link:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-1739
which shows that this is remotely exploitable.
Would the upstream vendor have backported fixes for this problem in 6.0.7?
Thanks.
Michael.