Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:5975
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="5975"> <issue id="1007245" tracker="bnc">VUL-0: CVE-2016-8862: GraphicsMagick, ImageMagick: Memory allocation failure in AcquireMagickMemory</issue> <issue id="1011130" tracker="bnc">VUL-0: CVE-2016-9556: ImageMagick, GraphicsMagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)</issue> <issue id="984145" tracker="bnc">VUL-0: CVE-2014-9835: GraphicsMagick,ImageMagick: heap overflow in wpf file</issue> <issue id="984375" tracker="bnc">VUL-0: CVE-2014-9831: GraphicsMagick,ImageMagick: handling of corrupted wpg file</issue> <issue id="984372" tracker="bnc">VUL-0: CVE-2014-9815: GraphicsMagick,ImageMagick: crash on corrupted wpg file</issue> <issue id="983752" tracker="bnc">VUL-0: CVE-2014-9805: ImageMagick,GraphicsMagick: Avoid a SEGV due to a corrupted pnm file.</issue> <issue id="1000711" tracker="bnc">VUL-0: CVE-2016-7537: ImageMagick: Out of bound access for corrupted pdb file</issue> <issue id="982178" tracker="bnc">VUL-0: CVE-2016-5118: ImageMagick, GraphicsMagick: popen() shell vulnerability via filename</issue> <issue id="984166" tracker="bnc">VUL-0: CVE-2014-9837: GraphicsMagick,ImageMagick: additional PNM sanity checks</issue> <issue id="984436" tracker="bnc">VUL-0: CVE-2014-9834: ImageMagick,GraphicsMagick: heap overflow in pict file</issue> <issue id="983521" tracker="bnc">VUL-1: CVE-2014-9846: GraphicsMagick, ImageMagick: Added checks to prevent overflow in rle file.</issue> <issue id="983794" tracker="bnc">VUL-0: CVE-2014-9807: ImageMagick, GraphicsMagick: Fix a double free in pdb coder.</issue> <issue id="1001066" tracker="bnc">VUL-0: CVE-2016-6823: ImageMagick,GraphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability</issue> <issue id="983799" tracker="bnc">VUL-0: CVE-2014-9809: GraphicsMagick,ImageMagick: Fix a SEGV due to corrupted xwd images.</issue> <issue id="984394" tracker="bnc">VUL-0: CVE-2014-9845: GraphicsMagick,ImageMagick: crash due to corrupted dib file</issue> <issue id="1002206" tracker="bnc">VUL-0: ImageMagick: Divide by zero in WriteTIFFImage</issue> <issue id="1000399" tracker="bnc">VUL-0: CVE-2016-7529: ImageMagick: out of bound in quantum handling</issue> <issue id="1001221" tracker="bnc">VUL-0: CVE-2016-7101: ImageMagick,GraphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability</issue> <issue id="1003629" tracker="bnc">VUL-0: CVE-2016-7996, CVE-2016-7997: GraphicsMagick: WPG Reader Issues</issue> <issue id="1000434" tracker="bnc">VUL-0: CVE-2016-7528: ImageMagick: out of bound access in xcf file coder</issue> <issue id="1005127" tracker="bnc">VUL-0: CVE-2016-8683: GraphicsMagick: Check that filesize is reasonable compared to the header value</issue> <issue id="1005125" tracker="bnc">VUL-0: CVE-2016-8682: GraphicsMagick: Stack-buffer read overflow while reading SCT header</issue> <issue id="1005123" tracker="bnc">VUL-0: CVE-2016-8684: GraphicsMagick: Mismatch between real filesize and header values</issue> <issue id="1002209" tracker="bnc">VUL-0: ImageMagick: Buffer overflows in SIXEL, PDB, MAP, and TIFF coders</issue> <issue id="984150" tracker="bnc">VUL-0: CVE-2014-9820: GraphicsMagick,ImageMagick: heap overflow in xpm files</issue> <issue id="1000704" tracker="bnc">VUL-0: CVE-2016-7531: ImageMagick: Pbd file out of bound access</issue> <issue id="1000707" tracker="bnc">VUL-0: CVE-2016-7533: ImageMagick: Wpg file out of bound for corrupted file</issue> <issue id="1000689" tracker="bnc">VUL-0: CVE-2016-7515: ImageMagick: Rle file handling for corrupted file</issue> <issue id="984400" tracker="bnc">VUL-0: CVE-2014-9817: GraphicsMagick,ImageMagick: heap buffer overflow in pdb file handling</issue> <issue id="1002422" tracker="bnc">VUL-0: CVE-2016-7800: ImageMagick, GraphicsMagick: 8BIM/8BIMW unsigned underflow leads to heap overflow</issue> <issue id="1000698" tracker="bnc">VUL-0: CVE-2016-7522: ImageMagick: Out of bound access for malformed psd file</issue> <issue id="2016-7531" tracker="cve" /> <issue id="2016-7533" tracker="cve" /> <issue id="2014-9820" tracker="cve" /> <issue id="2016-7537" tracker="cve" /> <issue id="2014-9817" tracker="cve" /> <issue id="2014-9815" tracker="cve" /> <issue id="2016-7515" tracker="cve" /> <issue id="2014-9835" tracker="cve" /> <issue id="2014-9834" tracker="cve" /> <issue id="2014-9837" tracker="cve" /> <issue id="2014-9831" tracker="cve" /> <issue id="2016-7800" tracker="cve" /> <issue id="2016-6823" tracker="cve" /> <issue id="2014-9853" tracker="cve" /> <issue id="2016-7101" tracker="cve" /> <issue id="2016-7997" tracker="cve" /> <issue id="2016-9556" tracker="cve" /> <issue id="2014-9809" tracker="cve" /> <issue id="2016-7529" tracker="cve" /> <issue id="2016-7528" tracker="cve" /> <issue id="2016-7996" tracker="cve" /> <issue id="2014-9805" tracker="cve" /> <issue id="2014-9807" tracker="cve" /> <issue id="2016-7522" tracker="cve" /> <issue id="2016-5118" tracker="cve" /> <issue id="2014-9845" tracker="cve" /> <issue id="2014-9846" tracker="cve" /> <issue id="2016-8684" tracker="cve" /> <issue id="2016-8683" tracker="cve" /> <issue id="2016-8682" tracker="cve" /> <issue id="2016-8862" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pgajdos</packager> <description> This update for GraphicsMagick fixes the following issues: - a possible shell execution attack was fixed. if the first character of an input filename for 'convert' was a '|' then the remainder of the filename was passed to the shell (CVE-2016-5118, boo#982178) - Maliciously crafted pnm files could crash GraphicsMagick (CVE-2014-9805, [boo#983752]) - Prevent overflow in rle files (CVE-2014-9846, boo#983521) - Fix a double free in pdb coder (CVE-2014-9807, boo#983794) - Fix a possible crash due to corrupted xwd images (CVE-2014-9809, boo#983799) - Fix a possible crash due to corrupted wpg images (CVE-2014-9815, boo#984372) - Fix a heap buffer overflow in pdb file handling (CVE-2014-9817, boo#984400) - Fix a heap overflow in xpm files (CVE-2014-9820, boo#984150) - Fix a heap overflow in pict files (CVE-2014-9834, boo#984436) - Fix a heap overflow in wpf files (CVE-2014-9835, CVE-2014-9831, boo#984145, boo#984375) - Additional PNM sanity checks (CVE-2014-9837, boo#984166) - Fix a possible crash due to corrupted dib file (CVE-2014-9845, boo#984394) - Fix out of bound in quantum handling (CVE-2016-7529, boo#1000399) - Fix out of bound access in xcf file coder (CVE-2016-7528, boo#1000434) - Fix handling of corrupted lle files (CVE-2016-7515, boo#1000689) - Fix out of bound access for malformed psd file (CVE-2016-7522, boo#1000698) - Fix out of bound access for pbd files (CVE-2016-7531, boo#1000704) - Fix out of bound access in corrupted wpg files (CVE-2016-7533, boo#1000707) - Fix out of bound access in corrupted pdb files (CVE-2016-7537, boo#1000711) - BMP Coder Out-Of-Bounds Write Vulnerability (CVE-2016-6823, boo#1001066) - SGI Coder Out-Of-Bounds Read Vulnerability (CVE-2016-7101, boo#1001221) - Divide by zero in WriteTIFFImage (do not divide by zero in WriteTIFFImage, boo#1002206) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (fix buffer overflow, boo#1002209) - 8BIM/8BIMW unsigned underflow leads to heap overflow (CVE-2016-7800, boo#1002422) - wpg reader issues (CVE-2016-7996, CVE-2016-7997, boo#1003629) - Mismatch between real filesize and header values (CVE-2016-8684, boo#1005123) - Stack-buffer read overflow while reading SCT header (CVE-2016-8682, boo#1005125) - Check that filesize is reasonable compared to the header value (CVE-2016-8683, boo#1005127) - Memory allocation failure in AcquireMagickMemory (CVE-2016-8862, boo#1007245) - heap-based buffer overflow in IsPixelGray (CVE-2016-9556, boo#1011130) </description> <summary>Security update for GraphicsMagick</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor