ImageWorsener: Multiple vulnerabilities — GLSA 201706-06

Multiple vulnerabilities have been found in ImageWorsener, the worst of which allows remote attackers to cause a Denial of Service condition or have other unspecified impact.

Affected packages

media-gfx/imageworsener on all architectures
Affected versions < 1.3.1
Unaffected versions >= 1.3.1

Background

ImageWorsener is a cross-platform command-line utility and library for image scaling and other image processing.

Description

Multiple vulnerabilities have been discovered in ImageWorsener. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to process a specially crafted image file using ImageWorsener, possibly resulting in a Denial of Service condition or have other unspecified impacts.

Workaround

There is no known workaround at this time.

Resolution

All ImageWorsener users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-gfx/imageworsener-1.3.1"
 

References

Release date
June 06, 2017

Latest revision
June 06, 2017: 1

Severity
normal

Exploitable
remote

Bugzilla entries