Overview

File _patchinfo of Package patchinfo.12053

<patchinfo incident="12053">
  <issue tracker="cve" id="2019-12975"/>
  <issue tracker="cve" id="2019-13133"/>
  <issue tracker="cve" id="2019-13297"/>
  <issue tracker="cve" id="2019-13301"/>
  <issue tracker="cve" id="2019-13310"/>
  <issue tracker="cve" id="2019-13300"/>
  <issue tracker="cve" id="2019-13307"/>
  <issue tracker="cve" id="2019-13134"/>
  <issue tracker="cve" id="2019-12976"/>
  <issue tracker="cve" id="2019-12974"/>
  <issue tracker="cve" id="2019-13308"/>
  <issue tracker="cve" id="2019-13295"/>
  <issue tracker="cve" id="2019-13135"/>
  <issue tracker="cve" id="2019-13454"/>
  <issue tracker="cve" id="2019-12979"/>
  <issue tracker="cve" id="2019-12978"/>
  <issue tracker="cve" id="2019-13391"/>
  <issue tracker="cve" id="2019-13311"/>
  <issue tracker="bnc" id="1139886">VUL-0: CVE-2019-12979: ImageMagick: "use of uninitialized value" vulnerability in the SyncImageSettings function</issue>
  <issue tracker="bnc" id="1140501">VUL-1: CVE-2019-13310: ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.</issue>
  <issue tracker="bnc" id="1140110">VUL-1: CVE-2019-12976: ImageMagick: memory leak in the ReadPCLImage function in coders/pcl.c</issue>
  <issue tracker="bnc" id="1140106">VUL-1: CVE-2019-12975: ImageMagick: Memory leak vulnerability in the WriteDPXImage function in coders/dpx.c</issue>
  <issue tracker="bnc" id="1140538">VUL-0: CVE-2019-13307: ImageMagick: heap-based buffer overflow at MagickCore/statistic.c</issue>
  <issue tracker="bnc" id="1140554">VUL-1: CVE-2019-13301: ImageMagick: memory leaks in AcquireMagickMemory</issue>
  <issue tracker="bnc" id="1140666">VUL-1: CVE-2019-13297: ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage</issue>
  <issue tracker="bnc" id="1140513">VUL-1: CVE-2019-13311: ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error</issue>
  <issue tracker="bnc" id="1140103">VUL-1: CVE-2019-13135: ImageMagick: "use of uninitialized value" vulnerability in the function ReadCUTImage</issue>
  <issue tracker="bnc" id="1140669">VUL-0: CVE-2019-13300: ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages</issue>
  <issue tracker="bnc" id="1141171">VUL-1: CVE-2019-13454: ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c</issue>
  <issue tracker="bnc" id="1140111">VUL-1: CVE-2019-12974: ImageMagick: NULL pointer dereference in the function ReadPANGOImage</issue>
  <issue tracker="bnc" id="1140102">VUL-1: CVE-2019-13134: ImageMagick: memory leak vulnerability in the function ReadVIFFImage</issue>
  <issue tracker="bnc" id="1139885">VUL-0: CVE-2019-12978: ImageMagick: "use of uninitialized value" vulnerability in the ReadPANGOImage function</issue>
  <issue tracker="bnc" id="1140534">VUL-1 CVE-2019-13308: ImageMagick: heap-based buffer overflow in MagickCore/fourier.c</issue>
  <issue tracker="bnc" id="1140100">VUL-1: CVE-2019-13133: ImageMagick: memory leak vulnerability in the function ReadBMPImage</issue>
  <issue tracker="bnc" id="1140673">VUL-0: CVE-2019-13391: ImageMagick: heap-based buffer over-read in MagickCore/fourier.c</issue>
  <issue tracker="bnc" id="1140664">VUL-1: CVE-2019-13295: ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage</issue>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for ImageMagick</summary>
  <description>This update for ImageMagick fixes the following issues:

- CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory() (bsc#1140554).
- CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an error in MagickWand/mogrify.c (bsc#1140501).
- CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a wand/mogrify.c error (bsc#1140513).
- CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in MagickCore/layer.c (bsc#1141171).
- CVE-2019-13295: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).
- CVE-2019-13297: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).
- CVE-2019-12979: Fixed the use of uninitialized values in SyncImageSettings() (bsc#1139886).
- CVE-2019-13391: Fixed a heap-based buffer over-read in MagickCore/fourier.c (bsc#1140673).
- CVE-2019-13308: Fixed a heap-based buffer overflow in MagickCore/fourier.c (bsc#1140534).
- CVE-2019-13300: Fixed a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages (bsc#1140669).
- CVE-2019-13307: Fixed a heap-based buffer overflow at MagickCore/statistic.c (bsc#1140538).
- CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in coders/dpx.c (bsc#1140106).
- CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage() (bsc#1140103).
- CVE-2019-12978: Fixed the use of uninitialized values in ReadPANGOImage() (bsc#1139885).
- CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage() (bsc#1140111).
- CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).
- CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).
- CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in coders/pcl.c(bsc#1140110).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places