Overview

Request 788214 accepted

- security update
- added patches
fix CVE-2019-12921 [bsc#1167208], the text filename component potentially allows to read arbitrary files via TranslateTextEx for SVG
+ GraphicsMagick-CVE-2019-12921.patch
fix CVE-2020-10938 [bsc#1167623], integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c
+ GraphicsMagick-CVE-2020-10938.patch

disable indirect reads (CVE-2019-12921) [bsc#1138425]


Leap Reviewbot's avatar

home:pgajdos:maintenance:GraphicsMagick/GraphicsMagick.openSUSE_Leap_15.1_Update@aa94e30c28413f89bb68151269074ffa -> openSUSE:Leap:15.1:Update/GraphicsMagick

expected origin is 'openSUSE:Leap:15.0' (changed)

Request History
Petr Gajdos's avatar

pgajdos created request

- security update
- added patches
fix CVE-2019-12921 [bsc#1167208], the text filename component potentially allows to read arbitrary files via TranslateTextEx for SVG
+ GraphicsMagick-CVE-2019-12921.patch
fix CVE-2020-10938 [bsc#1167623], integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c
+ GraphicsMagick-CVE-2020-10938.patch

disable indirect reads (CVE-2019-12921) [bsc#1138425]


Factory Auto's avatar

factory-auto accepted review

Check script succeeded


Maintenance Bot's avatar

maintbot accepted review

ok


Saul Goodman's avatar

licensedigger accepted review

ok


Saul Goodman's avatar

licensedigger approved review

ok


Alexandros Toptsoglou's avatar

atopt moved maintenance target to openSUSE:Maintenance:12185


Alexandros Toptsoglou's avatar

atopt accepted request

accepted request 788214:Thanks!

For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance

openSUSE Build Service is sponsored by