0000187: ImageMagick vulnerability - MantisBT

MantisBT

View Issue Details [ Jump to Notes ]

[ Issue History ] [ Print ]

ID

Project

Category

View Status

Date Submitted

Last Update

0000187

MEGA

Installation

public

2016-06-06 07:59

2016-06-23 07:52

Reporter

guest

Assigned To

gstecher

Priority

normal

Severity

minor

Reproducibility

have not tried

Status

resolved

Resolution

fixed

Platform

PC

OS

Windows

Product Version

MEGA 11 (Graphical Interface version)

Target Version

Fixed in Version

Summary

0000187: ImageMagick vulnerability

Description

ImageMagick is part of MEGA 6.0.6 and has recently published bugfixes to the vulnerabilities CVE-2016-3714 and CVE-2016-5118. Will there be an updated version of MEGA 6 including these ImageMagick fixes available?

Kind regards,
Sebastian Kärsten
Information Security Team
Robert Koch Institute

Tags

No tags attached.

Attach Tags

(Separate by ",")

First Name

Sebastian

Last Name

Kärsten

Email

Confirm Email

Relationships

Notes
(0000112) Nikita Vikhrev (reporter) 1969-12-31 17:33	Speed and accuracy is a trade off issue in iterative computations. Our algorithm is a standard fast algorithm and at least much faster than PHYLIP. Anyway, I will think about it to make faster. edited on: 03-15 19:30

(0003678) gstecher (administrator) 2016-06-23 07:52	Hi Sebastian, I am writing in response to your question regarding the MEGA software. In the latest version of MEGA (version 7), ImageMagick has been removed. The installer for MEGA7 also has an option to remove MEGA6 and all of its files and we recommend that you upgrade to MEGA7 which includes many improvements over MEGA6. -- Best regards, Glen Stecher

Issue History
Date Modified	Username	Field	Change
2016-06-06 07:59	guest	New Issue
2016-06-23 07:52	gstecher	Note Added: 0003678
2016-06-23 07:52	gstecher	Status	new => resolved
2016-06-23 07:52	gstecher	Resolution	open => fixed
2016-06-23 07:52	gstecher	Assigned To	=> gstecher

Copyright © 2000 - 2024 MantisBT Team