Overview

File _patchinfo of Package patchinfo.7523

<patchinfo incident="7523">
  <issue id="1067181" tracker="bnc">VUL-0: CVE-2017-16546: ImageMagick:  ReadWPGImage function in coders/wpg.c denial of service</issue>
  <issue id="1058485" tracker="bnc">VUL-1: CVE-2017-14342: ImageMagick:  a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c could lead to denial of service</issue>
  <issue id="1067409" tracker="bnc">VUL-0: CVE-2017-16669: GraphicsMagick: coders/wpg.c  allows remote attackers to cause a denial of service via crafted file</issue>
  <issue id="1067184" tracker="bnc">VUL-0: CVE-2017-16545: GraphicsMagick: The ReadWPGImage function in coders/wpg.c in  validation problems could lead to denial of service</issue>
  <issue id="1058637" tracker="bnc">VUL-0: CVE-2017-14341: GraphicsMagick,ImageMagick: Infinite loop in the ReadWPGImage function</issue>
  <issue id="1056162" tracker="bnc">VUL-0: CVE-2017-13737: GraphicsMagick: invalid free in the MagickFree function in magick/memory.c (tiff.c)</issue>
  <issue id="1050632" tracker="bnc">VUL-1: CVE-2017-11640: ImageMagick: NULL pointer deref in WritePTIFImage() in coders/tiff.c</issue>
  <issue id="2017-13737" tracker="cve" />
  <issue id="2017-11640" tracker="cve" />
  <issue id="2017-16545" tracker="cve" />
  <issue id="2017-16669" tracker="cve" />
  <issue id="2017-16546" tracker="cve" />
  <issue id="2017-14341" tracker="cve" />
  <issue id="2017-14342" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <description>This update for GraphicsMagick fixes the following issues:

Security issues fixed:

- CVE-2017-16546: Fix ReadWPGImage function in coders/wpg.c that could lead to a denial of service (bsc#1067181).
- CVE-2017-14342: Fix a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c that could lead to a denial of service (bsc#1058485).
- CVE-2017-16669: Fix coders/wpg.c that allows remote attackers to cause a denial of service via crafted files (bsc#1067409).
- CVE-2017-16545: Fix the ReadWPGImage function in coders/wpg.c as a validation problems could lead to a denial of service (bsc#1067184).
- CVE-2017-14341: Fix infinite loop in the ReadWPGImage function (bsc#1058637).
- CVE-2017-13737: Fix invalid free in the MagickFree function in magick/memory.c (tiff.c) (bsc#1056162).
- CVE-2017-11640: Fix NULL pointer deref in WritePTIFImage() in coders/tiff.c (bsc#1050632).
</description>
  <summary>Security update for GraphicsMagick</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places