Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues:

Security issues fixed:

- CVE-2019-11506: Fixed a heap-based buffer overflow in the function WriteMATLABImage (boo#1133498).
- CVE-2019-11505: Fixed a heap-based buffer overflow in the function WritePDBImage (boo#1133501).

The following fixes where modified and refreshed:

- CVE-2019-11008: Fixed a heap-based buffer overflow in the function WriteXWDImage (boo#1132054).
- CVE-2019-11009: Fixed a heap-based buffer over-read in the function ReadXWDImage (boo#1132053).
- CVE-2019-11473: Fixed an out-of-bounds read leading to a possible denial of service in coders/xwd.c (boo#1133203).
- CVE-2019-11474: Fixed a floating-point exception leading to a possible denial of service in coders/xwd.c (boo#1133202).

Fixed bugs
bnc#1133203
VUL-1: CVE-2019-11473: GraphicsMagick: coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than and .
bnc#1132054
VUL-0: CVE-2019-11008: GraphicsMagick,ImageMagick: a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c allows remote attackers to cause DOS or other unspecified impact
bnc#1132053
VUL-0: CVE-2019-11009: GraphicsMagick,ImageMagick: a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, allows attackers to cause DOS or information disclosure
bnc#1133202
VUL-1: CVE-2019-11474: GraphicsMagick: coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than and .
bnc#1133498
VUL-1: CVE-2019-11506: GraphicsMagick: heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possi
bnc#1133501
VUL-1: CVE-2019-11505: GraphicsMagick,ImageMagick: heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly
Selected Binaries
openSUSE Build Service is sponsored by