Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.7134
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7134
<patchinfo incident="7134"> <issue id="1087033" tracker="bnc">VUL-1: CVE-2017-18252: ImageMagick: The MogrifyImageList function allows attackers to cause a denial of service (assertion failure and application exit)</issue> <issue id="1087027" tracker="bnc">VUL-1: CVE-2017-18254: GraphicsMagick, ImageMagick: Memory leak in the function WriteGIFImage in coders/gif.c, which allow attackers to cause a denial of service</issue> <issue id="1087037" tracker="bnc">VUL-1: CVE-2017-18251: GraphicsMagick, ImageMagick: Memory leak in the function ReadPCDImage in coders/pcd.c, which allows attackers to cause a denial of service</issue> <issue id="1086773" tracker="bnc">VUL-1: CVE-2018-9018: GraphicsMagick: a divide-by-zero in the ReadMNGImage function of coders/png.c could lead to denial of service</issue> <issue id="1087039" tracker="bnc">VUL-1: CVE-2017-18250: ImageMagick: NULL pointer dereference in the function LogOpenCLBuildFailure inMagickCore/opencl.c</issue> <issue id="1047356" tracker="bnc">VUL-1: CVE-2017-10928: ImageMagick: heap-based buffer over-read in the GetNextTokenfunction in token.c</issue> <issue id="1087825" tracker="bnc">VUL-1: CVE-2018-9135: ImageMagick: In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read inIsWEBPImageLossless in coders/webp.c.</issue> <issue id="1058635" tracker="bnc">VUL-1: ImageMagick: CVE-2017-14325 ImageMagick: Memory leak in the PersistPixelCache function </issue> <issue id="1074117" tracker="bnc">VUL-0: CVE-2017-17887: ImageMagick: memory leak in the function GetImagePixelCache could lead to denial of service</issue> <issue id="1089781" tracker="bnc">VUL-0: CVE-2018-10177: GraphicsMagick,ImageMagick: In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImagefunction of the coders/png.c file. Remote attackers could leverage thisvulnerability to cause a denial of service</issue> <issue id="1086782" tracker="bnc">VUL-1: CVE-2018-8960: ImageMagick: The ReadTIFFImage function in coders/tiff.c in ImageMagick memory allocation issue could lead to denial of service</issue> <issue id="2018-9135" tracker="cve" /> <issue id="2017-1000476" tracker="cve" /> <issue id="2017-18254" tracker="cve" /> <issue id="2017-18252" tracker="cve" /> <issue id="2017-18251" tracker="cve" /> <issue id="2017-18250" tracker="cve" /> <issue id="2017-10928" tracker="cve" /> <issue id="2017-11450" tracker="cve" /> <issue id="2018-9018" tracker="cve" /> <issue id="2017-14325" tracker="cve" /> <issue id="2017-17887" tracker="cve" /> <issue id="2018-10177" tracker="cve" /> <issue id="2018-8960" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>pgajdos</packager> <description>This update for ImageMagick fixes the following issues: - CVE-2017-14325: In ImageMagick, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allowed attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file. [bsc#1058635] - CVE-2017-17887: In ImageMagick, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allowed attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage. [bsc#1074117] - CVE-2017-18250: A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which could lead to a denial of service via a crafted file. [bsc#1087039] - CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which could lead to a denial of service via a crafted file. [bsc#1087037] - CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow attackers to cause a denial of service via a crafted file. [bsc#1087033] - CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which could lead to denial of service via a crafted file. [bsc#1087027] - CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in ImageMagick did not properly restrict memory allocation, leading to a heap-based buffer over-read. [bsc#1086782] - CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c. Attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. [bsc#1086773] - CVE-2018-9135: heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c could lead to denial of service. [bsc#1087825] - CVE-2018-10177: In ImageMagick, there was an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. [bsc#1089781] - CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c could allow attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356] </description> <summary>Security update for ImageMagick</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor