Project not found: isv:SUSE:Edge:Factory:Staging:suse-edge:Factory:PR-49

File _patchinfo of Package patchinfo.29152

<patchinfo incident="29152">
  <issue tracker="cve" id="2023-34153"/>
  <issue tracker="cve" id="2023-34151"/>
  <issue tracker="bnc" id="1211791">VUL-0: CVE-2023-34151: ImageMagick,GraphicsMagick: ImageMagick: Undefined behaviors of casting double to size_t in svg, mvg and other coders</issue>
  <issue tracker="bnc" id="1211792">VUL-0: CVE-2023-34153: ImageMagick,GraphicsMagick: Shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ImageMagick</summary>
  <description>This update for ImageMagick fixes the following issues:

- CVE-2023-34151: Fixed an undefined behavior issue due to floating
  point truncation (bsc#1211791).
- CVE-2023-34153: Fixed a command injection issue when encoding or
  decoding VIDEO files (bsc#1211792).
</description>
</patchinfo>
openSUSE Build Service is sponsored by