openSUSE Build Service

Overview Details Repositories Revisions Requests Users Attributes Meta

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues:

Security issues fixed:

- CVE-2017-16546: Fix ReadWPGImage function in coders/wpg.c that could lead to a denial of service (bsc#1067181).
- CVE-2017-14342: Fix a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c that could lead to a denial of service (bsc#1058485).
- CVE-2017-16669: Fix coders/wpg.c that allows remote attackers to cause a denial of service via crafted files (bsc#1067409).
- CVE-2017-16545: Fix the ReadWPGImage function in coders/wpg.c as a validation problems could lead to a denial of service (bsc#1067184).
- CVE-2017-14341: Fix infinite loop in the ReadWPGImage function (bsc#1058637).
- CVE-2017-13737: Fix invalid free in the MagickFree function in magick/memory.c (tiff.c) (bsc#1056162).
- CVE-2017-11640: Fix NULL pointer deref in WritePTIFImage() in coders/tiff.c (bsc#1050632).

Submitted by Petr Gajdos (pgajdos)

Fixed bugs

bnc#1067181

VUL-0: CVE-2017-16546: ImageMagick: ReadWPGImage function in coders/wpg.c denial of service

bnc#1058485

VUL-1: CVE-2017-14342: ImageMagick: a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c could lead to denial of service

bnc#1067409

VUL-0: CVE-2017-16669: GraphicsMagick: coders/wpg.c allows remote attackers to cause a denial of service via crafted file

bnc#1067184

VUL-0: CVE-2017-16545: GraphicsMagick: The ReadWPGImage function in coders/wpg.c in validation problems could lead to denial of service

bnc#1058637

VUL-0: CVE-2017-14341: GraphicsMagick,ImageMagick: Infinite loop in the ReadWPGImage function

bnc#1056162

VUL-0: CVE-2017-13737: GraphicsMagick: invalid free in the MagickFree function in magick/memory.c (tiff.c)

bnc#1050632

VUL-1: CVE-2017-11640: ImageMagick: NULL pointer deref in WritePTIFImage() in coders/tiff.c

Places

Fixed bugs

Selected Binaries

Places