This update for GraphicsMagick fixes the following issues:
* CVE-2017-13775: Fixed a denial of service issue in ReadJNXImage() in coders/jnx.c (boo#1056431)
* CVE-2017-13063: Fixed a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c (bsc#1055050)
* CVE-2017-13064: Fixed a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c (bsc#1055042)
* CVE-2017-12936: The ReadWMFImage function in coders/wmf.c in GraphicsMagick had a use-after-free issue for data associated with exception reporting. (bsc#1054598)
* CVE-2017-13139: The ReadOneMNGImage function in coders/png.c had an out-of-bounds read with the MNG CLIP chunk. (bsc#1055430)
* CVE-2017-12937: The ReadSUNImage function in coders/sun.c in GraphicsMagick had a colormap heap-based buffer over-read. (bsc#1054596)
-
Submitted by
Petr Gajdos (pgajdos)
