Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="12214">
  <issue tracker="cve" id="2019-12921"/>
  <issue tracker="cve" id="2020-10938"/>
  <issue tracker="bnc" id="1167623">VUL-1: CVE-2020-10938: GraphicsMagick: integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c</issue>
  <issue tracker="bnc" id="1167208">VUL-1: CVE-2019-12921: GraphicsMagick,ImageMagick: the text filename component potentially allows to read arbitrary files via TranslateTextEx for SVG</issue>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for GraphicsMagick</summary>
  <description>This update for GraphicsMagick fixes the following issues:

- CVE-2019-12921: Fixed an issue where text filename components potentially coulf have 
  allowed reading of arbitrary files via TranslateTextEx (boo#1167208).
- CVE-2020-10938: Fixed an integer overflow and resultant heap-based buffer overflow in 
  HuffmanDecodeImages (boo#1167623).
  
This update was imported from the openSUSE:Leap:15.1:Update update project.</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places