Overview

File _patchinfo of Package patchinfo.9073

<patchinfo incident="9073">
  <issue tracker="bnc" id="1106254">ImageMagick: `-morphology EdgeIn` does not extract edge points</issue>
 <issue id="2018-18024" tracker="cve" />
  <issue id="2018-18016" tracker="cve" />
  <issue id="2018-17966" tracker="cve" />
  <issue id="1111069" tracker="bnc">VUL-1: CVE-2018-18024: GraphicsMagick,ImageMagick: infinite loop in the ReadBMPImage function of the coders/bmp.c file</issue>
  <issue id="1111072" tracker="bnc">VUL-1: CVE-2018-18016: GraphicsMagick,ImageMagick: ImageMagick: memory leak in WritePCXImage in coders/pcx.c</issue>
  <issue id="1110746" tracker="bnc">VUL-1: CVE-2018-17966: ImageMagick: Memory leak vulnerability in WritePDBImage</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for ImageMagick fixes the following issues:

Security issues fixed:

- CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function.
  Remote attackers could leverage this vulnerability to cause a denial
  of service via a crafted bmp file. (bsc#1111069)
- CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072).
- CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746).

Non security issues fixed:

- Fixed -morphology EdgeIn output (bsc#1106254)
</description>
  <summary>Security update for ImageMagick</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places