Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues:

- CVE-2017-18230: Specially crafted CINEON images may have caused a Null pointer dereference (boo#1085233)
- CVE-2017-16353: Specially crafted MIFF images could have allowed for information disclosure (boo#1066170)
- CVE-2017-16352: Specially crafted MIFF images may have caused a heap-based buffer overflow (boo#1066168)
- CVE-2017-14314: Specially crafted image files may have caused a denial of service (boo#1058630)
- CVE-2017-14505: Specially crafted image files may have caused a Null pointer dereference (boo#1059735)
- CVE-2017-15016: Specially crafted EMF images may have caused a Null pointer dereference (boo#1082291)
- CVE-2017-15017: Specially crafted MSG images may have caused a Null pointer dereference (boo#1082283)
- CVE-2017-18219: Specially crafted image files may have been used to cause an application crash (boo#1084060)
- CVE-2017-18220: Specially crafted PNG images may have been used to cause a denial of service (boo#1084062)

Fixed bugs
bnc#1066170
VUL-1: CVE-2017-16353: GraphicsMagick, ImageMagick: Memory information disclosure in the DescribeImage function
bnc#1082291
VUL-1: CVE-2017-15016: GraphicsMagick, ImageMagick: NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c
bnc#1085233
VUL-1: CVE-2017-18230: GraphicsMagick: An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c,which allows attackers to cause a de
bnc#1066168
VUL-0: CVE-2017-16352: GraphicsMagick, ImageMagick: Heap buffer overflow in the "Display visual image directory" feature of the DescribeImage() function
bnc#1082283
VUL-1: CVE-2017-15017: GraphicsMagick, ImageMagick: NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c
bnc#1058630
VUL-1: GraphicsMagick: CVE-2017-14314 GraphicsMagick: Off-by-one error in the DrawImage function
bnc#1059735
VUL-2: CVE-2017-14505: ImageMagick: NULL pointer dereference in DrawGetStrokeDashArray in wand/drawing-wand.c could lead to denial of service
bnc#1084060
VUL-2: CVE-2017-18219: GraphicsMagick,ImageMagick: An issue was discovered in GraphicsMagick 1.3.26. An allocation failurevulnerability was found in the function ReadOnePNGImage in coders/png.c, whichallows attackers to cause a denial of service via
bnc#1084062
VUL-0: CVE-2017-18220: GraphicsMagick: The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick1.3.26 allow remote attackers to cause a denial of service (magick/blob.cCloseBlob use-after-free) or possi
CVE-2017-18230
CVE-2017-18220
CVE-2017-15016
CVE-2017-15017
CVE-2017-16352
CVE-2017-16353
CVE-2017-18219
CVE-2017-14314
CVE-2017-14505
Selected Binaries
openSUSE Build Service is sponsored by
Places