Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:8039
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="8039"> <issue id="1050623" tracker="bnc">VUL-1: CVE-2017-11641: GraphicsMagick: Memory Leak in the PersistCache in magick/pixel_cache.c</issue> <issue id="1087027" tracker="bnc">VUL-1: CVE-2017-18254: GraphicsMagick, ImageMagick: Memory leak in the function WriteGIFImage in coders/gif.c, which allow attackers to cause a denial of service</issue> <issue id="1087037" tracker="bnc">VUL-1: CVE-2017-18251: GraphicsMagick, ImageMagick: Memory leak in the function ReadPCDImage in coders/pcd.c, which allows attackers to cause a denial of service</issue> <issue id="1080522" tracker="bnc">VUL-1: CVE-2018-6799: GraphicsMagick: Heap overwrite in magick/pixel_cache.c:AcquireCacheNexus() can lead to denial of service</issue> <issue id="1085236" tracker="bnc">VUL-1: CVE-2017-18229: GraphicsMagick,ImageMagick: An issue was discovered in GraphicsMagick 1.3.26. An allocation failurevulnerability was found in the function ReadTIFFImage in coders/tiff.c, whichallows attackers to cause a denial of s</issue> <issue id="1086773" tracker="bnc">VUL-1: CVE-2018-9018: GraphicsMagick: a divide-by-zero in the ReadMNGImage function of coders/png.c could lead to denial of service</issue> <issue id="1055010" tracker="bnc">VUL-1: CVE-2017-13066: GraphicsMagick,ImageMagick: GraphicsMagick 1.3.26 has a memory leak vulnerability in the functionCloneImage in magick/image.c.</issue> <issue id="2017-18229" tracker="cve" /> <issue id="2017-11641" tracker="cve" /> <issue id="2018-6799" tracker="cve" /> <issue id="2017-18254" tracker="cve" /> <issue id="2017-18251" tracker="cve" /> <issue id="2018-9018" tracker="cve" /> <issue id="2017-13066" tracker="cve" /> <issue tracker="bnc" id="1089781" /> <issue id="2018-10177" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>pgajdos</packager> <description>This update for GraphicsMagick fixes the following issues: - security update (core) * CVE-2018-6799: The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. [boo#1080522] - security update (png.c) * CVE-2018-9018: In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. [boo#1086773] - security update (gif.c) * CVE-2017-18254: An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. [boo#1087027] - security update (pcd.c) * CVE-2017-18251: An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. [boo#1087037] * CVE-2017-18229: An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. [boo#1085236] * CVE-2017-11641: GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.[boo#1050623] * CVE-2017-13066: GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. [boo#1055010] * CVE-2018-10177: Specially crafted PNG images may have triggered an infinite loop [bsc#1089781] </description> <summary>Security update for GraphicsMagick</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor