File _patchinfo of Package patchinfo.7574

<patchinfo incident="7574">
  <issue id="1059721" tracker="bnc">VUL-2: CVE-2017-14504: GraphicsMagick: NULL pointer dereference in ReadPNMImage function in coders/pnm.c</issue>
  <issue id="1056550" tracker="bnc">VUL-1: CVE-2017-14042: GraphicsMagick,ImageMagick: A memory allocation failure was discovered in the ReadPNMImage functionin coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes abig memory allocation, which may lead to remote</issue>
  <issue id="1072103" tracker="bnc">VUL-0: CVE-2017-17498: GraphicsMagick: WritePNMImage in coders/pnm.c allows remote attackers to cause a DoS</issue>
  <issue id="1063050" tracker="bnc">VUL-1: CVE-2017-15277: GraphicsMagick, ImageMagick: ReadGIFImage in coders/gif.c in leaves the palette uninitialized when processing a GIF, leaking information</issue>
  <issue id="2017-17498" tracker="cve" />
  <issue id="2017-15277" tracker="cve" />
  <issue id="2017-14504" tracker="cve" />
  <issue id="2017-14042" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for GraphicsMagick fixes the following issues:

- CVE-2017-14042: Denial of service through a large memory allocation via specially crafted PNM images (boo#1056550)
- CVE-2017-14504: NULL pointer dereference via specially crafted PNM images (boo#1059721)
- CVE-2017-17498: Denial of service or unspecified other impact through a heap-based buffer overflow via specially crafted PNM images (boo#1072103)
- CVE-2017-15277: Information leak from the application into palette data via specially crafted GIF images (boo#1063050)
</description>
  <summary>Security update for GraphicsMagick</summary>
</patchinfo>