Overview
Request 788214 accepted
- security update
- added patches
fix CVE-2019-12921 [bsc#1167208], the text filename component potentially allows to read arbitrary files via TranslateTextEx for SVG
+ GraphicsMagick-CVE-2019-12921.patch
fix CVE-2020-10938 [bsc#1167623], integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c
+ GraphicsMagick-CVE-2020-10938.patch
disable indirect reads (CVE-2019-12921) [bsc#1138425]
Request History
pgajdos created request
- security update
- added patches
fix CVE-2019-12921 [bsc#1167208], the text filename component potentially allows to read arbitrary files via TranslateTextEx for SVG
+ GraphicsMagick-CVE-2019-12921.patch
fix CVE-2020-10938 [bsc#1167623], integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c
+ GraphicsMagick-CVE-2020-10938.patch
disable indirect reads (CVE-2019-12921) [bsc#1138425]
factory-auto accepted review
Check script succeeded
maintbot accepted review
ok
licensedigger accepted review
ok
licensedigger approved review
ok
atopt moved maintenance target to openSUSE:Maintenance:12185
atopt accepted request
accepted request 788214:Thanks!
For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance
home:pgajdos:maintenance:GraphicsMagick/GraphicsMagick.openSUSE_Leap_15.1_Update@aa94e30c28413f89bb68151269074ffa -> openSUSE:Leap:15.1:Update/GraphicsMagick
expected origin is 'openSUSE:Leap:15.0' (changed)