File _patchinfo of Package patchinfo.29152
<patchinfo incident="29152">
<issue tracker="cve" id="2023-34153"/>
<issue tracker="cve" id="2023-34151"/>
<issue tracker="bnc" id="1211791">VUL-0: CVE-2023-34151: ImageMagick,GraphicsMagick: ImageMagick: Undefined behaviors of casting double to size_t in svg, mvg and other coders</issue>
<issue tracker="bnc" id="1211792">VUL-0: CVE-2023-34153: ImageMagick,GraphicsMagick: Shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding</issue>
<packager>pgajdos</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for ImageMagick</summary>
<description>This update for ImageMagick fixes the following issues:
- CVE-2023-34151: Fixed an undefined behavior issue due to floating
point truncation (bsc#1211791).
- CVE-2023-34153: Fixed a command injection issue when encoding or
decoding VIDEO files (bsc#1211792).
</description>
</patchinfo>