Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.7537
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7537
<patchinfo incident="7537"> <issue tracker="bnc" id="1087820">VUL-1: CVE-2018-9133: ImageMagick: ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage andEncodeLabImage functions (coders/tiff.c), which results in a hang (tens ofminutes) with a tiny PoC file. Remote at</issue> <issue id="1094237" tracker="bnc">VUL-0: CVE-2018-11251: GraphicsMagick,ImageMagick: Heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause denial of service</issue> <issue id="1094204" tracker="bnc">VUL-1: CVE-2017-18271: GraphicsMagick, ImageMagick: Infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service</issue> <issue id="1047356" tracker="bnc">VUL-1: CVE-2017-10928: ImageMagick: heap-based buffer over-read in the GetNextTokenfunction in token.c</issue> <issue id="1056277" tracker="bnc">VUL-0: CVE-2017-13758: GraphicsMagick: In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in theTracePoint() function in MagickCore/draw.c.</issue> <issue id="1095730" tracker="bnc"></issue> <issue id="1095813" tracker="bnc"></issue> <issue id="1095812" tracker="bnc"></issue> <issue id="2017-10928" tracker="cve" /> <issue id="2017-13758" tracker="cve" /> <issue id="2018-11251" tracker="cve" /> <issue id="2017-18271" tracker="cve" /> <issue id="2018-11655" tracker="cve" /> <issue id="2018-10804" tracker="cve" /> <issue id="2018-10805" tracker="cve" /> <issue tracker="cve" id="2018-9133"/> <category>security</category> <rating>moderate</rating> <packager>pgajdos</packager> <description>This update for ImageMagick fixes the following issues: These security issues were fixed: - CVE-2017-13758: Prevent heap-based buffer overflow in the TracePoint() function (bsc#1056277). - CVE-2017-10928: Prevent heap-based buffer over-read in the GetNextToken function that allowed remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document (bsc#1047356). - CVE-2018-9133: Long compute times in the tiff decoder have been fixed (bsc#1087820). - CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause denial of service (bsc#1094237). - CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (bsc#1094204). - CVE-2018-11655: Memory leak in the GetImagePixelCache in MagickCore/cache.c was fixed (bsc#1095730) - CVE-2018-10804: Memory leak in WriteTIFFImage in coders/tiff.c was fixed (bsc#1095813) - CVE-2018-10805: Fixed memory leaks in bgr.c, rgb.c, cmyk.c, gray.c, ycbcr.c (bsc#1095812) </description> <summary>Security update for ImageMagick</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
