Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:7687
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="7687"> <issue id="1054600" tracker="bnc">VUL-1: CVE-2017-12935: GraphicsMagick: The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandleslarge MNG images, leading to an invalid memory read in the SetImageColorCallBackfunction in magick/image.c.</issue> <issue id="1055455" tracker="bnc">VUL-1: CVE-2017-13142: GraphicsMagick,ImageMagick: In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNGfile could trigger a crash because there was an insufficient check forshort files.</issue> <issue id="1062752" tracker="bnc">VUL-0: CVE-2017-15218: GraphicsMagick,ImageMagick: memory leak in ReadOneJNGImage in coders/png.c</issue> <issue id="1055374" tracker="bnc">VUL-1: CVE-2017-13147: GraphicsMagick: Allocation failure in ReadMNGImage function in coders/png.c</issue> <issue id="1057000" tracker="bnc">VUL-0: CVE-2017-14103: GraphicsMagick: The ReadJNGImage and ReadOneJNGImage functions in coders/png.c inGraphicsMagick 1.3.26 do not properly manage image pointers aftercertain error conditions, which allows remote attackers to conductus</issue> <issue id="1052717" tracker="bnc">VUL-1: CVE-2017-12673: GraphicsMagick, ImageMagick: Memory leak in ReadOneMNGImage in coders/png.c, which allows attackers to cause DoS</issue> <issue id="1043354" tracker="bnc">VUL-1: CVE-2017-9261: GraphicsMagick, ImageMagick: Memory leak in the ReadMNGImage function</issue> <issue id="1043353" tracker="bnc">VUL-0: CVE-2017-9262: GraphicsMagick,ImageMagick: Memory leak in the ReadJNGImage function</issue> <issue id="1052708" tracker="bnc">VUL-1: CVE-2017-12676: GraphicsMagick, ImageMagick: Memory leak in ReadOneJNGImage in coders/png.c, which allows attackers to cause DoS</issue> <issue id="1052777" tracker="bnc">VUL-1: CVE-2017-12641: GraphicsMagick, ImageMagick: Memory leak in ReadOneJNGImage in coders\png.c</issue> <issue id="1051442" tracker="bnc">VUL-2: CVE-2017-11750: ImageMagick: ReadOneJNGImage in coders/png.c allows to cause DoS</issue> <issue id="2017-12935" tracker="cve" /> <issue id="2017-15218" tracker="cve" /> <issue id="2017-12673" tracker="cve" /> <issue id="2017-13142" tracker="cve" /> <issue id="2017-9261" tracker="cve" /> <issue id="2017-12676" tracker="cve" /> <issue id="2017-9262" tracker="cve" /> <issue id="2017-14103" tracker="cve" /> <issue id="2017-12641" tracker="cve" /> <issue id="2017-13147" tracker="cve" /> <issue id="2017-11750" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>pgajdos</packager> <description>This update for GraphicsMagick fixes several issues. These security issues were fixed: - CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043353) - CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043354) - CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file (bsc#1051442) - CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052708) - CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052717) - CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in coders\png.c (bsc#1052777) - CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c (bsc#1054600) - CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value (bsc#1055374) - CVE-2017-13142: Added additional checks for short files to prevent a crafted PNG file from triggering a crash (bsc#1055455) - CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in coders/png.c did not properly manage image pointers after certain error conditions, which allowed remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call (bsc#1057000) - CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c (bsc#1062752) </description> <summary>Security update for GraphicsMagick</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor