MantisBT - MEGA
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0000187MEGAInstallationpublic2016-06-06 07:592016-06-23 07:52
Reporterguest 
Assigned Togstecher 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusresolvedResolutionfixed 
PlatformPCOSWindowsOS Version7
Product VersionMEGA 11 (Graphical Interface version) 
Target VersionFixed in Version 
First NameSebastian
Last NameKärsten
Emailitsb@rki.de
Confirm Emailitsb@rki.de
Summary0000187: ImageMagick vulnerability
DescriptionImageMagick is part of MEGA 6.0.6 and has recently published bugfixes to the vulnerabilities CVE-2016-3714 and CVE-2016-5118. Will there be an updated version of MEGA 6 including these ImageMagick fixes available?

Kind regards,
Sebastian Kärsten
Information Security Team
Robert Koch Institute
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2016-06-06 07:59guestNew Issue
2016-06-23 07:52gstecherNote Added: 0003678
2016-06-23 07:52gstecherStatusnew => resolved
2016-06-23 07:52gstecherResolutionopen => fixed
2016-06-23 07:52gstecherAssigned To => gstecher

Notes
(0000112)
Nikita Vikhrev   
1969-12-31 17:33   
Speed and accuracy is a trade off issue in iterative computations. Our algorithm is a standard fast algorithm and at least much faster than PHYLIP. Anyway, I will think about it to make faster.

edited on: 03-15 19:30
(0003678)
gstecher   
2016-06-23 07:52   
Hi Sebastian,

I am writing in response to your question regarding the MEGA software. In the latest version of MEGA (version 7), ImageMagick has been removed. The installer for MEGA7 also has an option to remove MEGA6 and all of its files and we recommend that you upgrade to MEGA7 which includes many improvements over MEGA6.

--
Best regards,

Glen Stecher