Overview

File _patchinfo of Package patchinfo.3728

<patchinfo incident="3728">
  <issue id="1011130" tracker="bnc">VUL-0: CVE-2016-9556: ImageMagick, GraphicsMagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)</issue>
  <issue id="1014159" tracker="bnc">VUL-0: CVE-2016-8707: ImageMagick: ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability</issue>
  <issue id="1013376" tracker="bnc">VUL-0: CVE-2016-9773: ImageMagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)</issue>
  <issue id="1009318" tracker="bnc">VUL-0: CVE-2016-8866: GraphicsMagick, ImageMagick: Memory allocation failure in AcquireMagickMemory</issue>
  <issue id="1011136" tracker="bnc">VUL-0: CVE-2016-9559: ImageMagick, GraphicsMagick: null pointer must never be null (tiff.c)</issue>
  <issue id="2016-9556" tracker="cve" />
  <issue id="2016-9773" tracker="cve" />
  <issue id="2016-8707" tracker="cve" />
  <issue id="2016-9559" tracker="cve" />
  <issue id="2014-9848" tracker="cve" />
  <issue id="2016-8866" tracker="cve" />

  <issue id="2014-9848" tracker="cve" />
  <issue id="2016-9556" tracker="cve" />
  <issue id="2016-9559" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <description>
This update for ImageMagick fixes the following issues:

  * CVE-2016-9556 Possible Heap-overflow found by fuzzing [bsc#1011130]
  * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136]
  * CVE-2016-8707 Possible code execution in Tiff conver utility [bsc#1014159]
  * CVE-2016-8866 Memory allocation failure in AcquireMagickMemory could lead to Heap overflow [bsc#1009318]
  * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136]

</description>
  <summary>Security update for ImageMagick</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places