Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues:
- CVE-2018-16644: Added missing check for length in the functions ReadDCMImage
and ReadPICTImage, which allowed remote attackers to cause a denial of service
via a crafted image (bsc#1107609)
- CVE-2018-16645: Prevent excessive memory allocation issue in the functions
ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial
of service via a crafted image file (bsc#1107604)
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1107604
VUL-1: CVE-2018-16645: GraphicsMagick,ImageMagick: excessive memory allocation issue in the functions ReadBMPImage ofcoders/bmp.c and ReadDIBImage of coders/dib.c
bnc#1107609
VUL-1: CVE-2018-16644: GraphicsMagick,ImageMagick: missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict
