Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.11106
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.11106
<patchinfo incident="11106"> <issue tracker="cve" id="2019-11597"/> <issue tracker="cve" id="2019-11472"/> <issue tracker="cve" id="2019-11506"/> <issue tracker="cve" id="2019-11505"/> <issue tracker="cve" id="2019-11470"/> <issue id="2019-10131" tracker="cve" /> <issue tracker="cve" id="2017-12806"/> <issue tracker="cve" id="2017-12805"/> <issue tracker="cve" id="2019-11598"/> <issue tracker="bnc" id="1133204">VUL-1: CVE-2019-11472: ImageMagick,GraphicsMagick: ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the</issue> <issue tracker="bnc" id="1133205">VUL-1: CVE-2019-11470: ImageMagick: The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size.</issue> <issue tracker="bnc" id="1133501">VUL-1: CVE-2019-11505: GraphicsMagick,ImageMagick: heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly</issue> <issue tracker="bnc" id="1133498">VUL-1: CVE-2019-11506: GraphicsMagick: heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possi</issue> <issue id="1134075" tracker="bnc">VUL-1: CVE-2019-10131: ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c</issue> <issue id="1135232" tracker="bnc">VUL-1: CVE-2017-12806: ImageMagick: memory exhaustion in function format8BIM causing denial of service</issue> <issue tracker="bnc" id="1135236">VUL-1: CVE-2017-12805: ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service</issue> <issue tracker="bnc" id="1136183">VUL-1: ImageMagick: PCL might still decode using ghostscript</issue> <issue tracker="bnc" id="1136732">VUL-0: CVE-2019-11598: ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure</issue> <issue tracker="bnc" id="1138425">VUL-0: ImageMagick,GraphiscMagick: disclosure of file content via SVG and WMF decoding</issue> <issue tracker="bnc" id="1138464">VUL-0: CVE-2019-11597: ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure</issue> <packager>pgajdos</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for ImageMagick</summary> <description>This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage() (bsc#1138464). - Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425).- CVE-2019-11472: Fixed a denial of service in ReadXWDImage() (bsc#1133204). - CVE-2019-11470: Fixed a denial of service in ReadCINImage() (bsc#1133205). - CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage() (bsc#1133498). - CVE-2019-11505: Fixed a heap-based buffer overflow in the WritePDBImage() (bsc#1133501). - CVE-2019-10131: Fixed a off-by-one read in formatIPTCfromBuffer function in coders/meta.c (bsc#1134075). - CVE-2017-12806: Fixed a denial of service through memory exhaustion in format8BIM() (bsc#1135232). - CVE-2017-12805: Fixed a denial of service through memory exhaustion in ReadTIFFImage() (bsc#1135236). - CVE-2019-11598: Fixed a heap-based buffer over-read in WritePNMImage() (bsc#1136732) We also now disable PCL in the -SUSE configuration, as it also uses ghostscript for decoding (bsc#1136183) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor