Overview

File _patchinfo of Package patchinfo.10144

<patchinfo incident="10144">
  <issue tracker="bnc" id="1133203">VUL-1: CVE-2019-11473: GraphicsMagick: coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than  and .</issue>
  <issue tracker="bnc" id="1132054">VUL-0: CVE-2019-11008: GraphicsMagick,ImageMagick: a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c allows remote attackers to cause DOS or other unspecified impact</issue>
  <issue tracker="bnc" id="1132053">VUL-0: CVE-2019-11009: GraphicsMagick,ImageMagick: a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, allows attackers to cause DOS or information disclosure</issue>
  <issue tracker="bnc" id="1133202">VUL-1: CVE-2019-11474: GraphicsMagick: coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than  and .</issue>
  <issue tracker="bnc" id="1133498">VUL-1: CVE-2019-11506: GraphicsMagick: heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possi</issue>
  <issue tracker="bnc" id="1133501">VUL-1: CVE-2019-11505: GraphicsMagick,ImageMagick: heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly</issue>
  <issue tracker="cve" id="2019-11009"/>
  <issue tracker="cve" id="2019-11008"/>
  <issue tracker="cve" id="2019-11506"/>
  <issue tracker="cve" id="2019-11505"/>
  <issue tracker="cve" id="2019-11473"/>
  <issue tracker="cve" id="2019-11474"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for GraphicsMagick fixes the following issues:

Security issues fixed:                                                                                                                                                   
                                                                                                                                                                         
- CVE-2019-11506: Fixed a heap-based buffer overflow in the function WriteMATLABImage (boo#1133498).                                                                     
- CVE-2019-11505: Fixed a heap-based buffer overflow in the function WritePDBImage (boo#1133501).                                                                        
                                                                                                                                                                         
The following fixes where modified and refreshed:                                                                                                                        
                                                                                                                                                                         
- CVE-2019-11008: Fixed a heap-based buffer overflow in the function WriteXWDImage (boo#1132054).                                                                        
- CVE-2019-11009: Fixed a heap-based buffer over-read in the function ReadXWDImage (boo#1132053).                                                                        
- CVE-2019-11473: Fixed an out-of-bounds read leading to a possible denial of service in coders/xwd.c (boo#1133203).                                                     
- CVE-2019-11474: Fixed a floating-point exception leading to a possible denial of service in coders/xwd.c (boo#1133202).                                                
</description>
  <summary>Security update for GraphicsMagick</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places