Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.5842
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5842
<patchinfo incident="5842"> <issue id="1054924" tracker="bnc">L3: libMagickCore-6_Q16-1 seems broken since 6.8.8.1-47.1</issue> <issue id="1061873" tracker="bnc">VUL-0: CVE-2017-15033: GraphicsMagick,ImageMagick: denial of service (memory leak) in ReadYUVImage in coders/yuv.c</issue> <issue id="1049379" tracker="bnc">VUL-0: CVE-2017-11446: ImageMagick: The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 infinite loop vulnerability</issue> <issue id="1050135" tracker="bnc">VUL-1: CVE-2017-11534: GraphicsMagick, ImageMagick: Memory Leak in the lite_font_map() in coders/wmf.c</issue> <issue id="1052249" tracker="bnc">VUL-2: CVE-2017-12428: GraphicsMagick, ImageMagick: Memory leak in ReadWMFImage in coders/wmf.c, which allows attackers to cause DoS</issue> <issue id="1052253" tracker="bnc">VUL-2: CVE-2017-12431: GraphicsMagick, ImageMagick: Use-after-free in ReadWMFImage in coders/wmf.c, which allows attackers to cause DoS</issue> <issue id="1052545" tracker="bnc">VUL-2: CVE-2017-12433: ImageMagick: Memory leak in ReadPESImage in coders/pes.c, which allows attackers to cause DoS</issue> <issue id="1055219" tracker="bnc">VUL-1: CVE-2017-13133: ImageMagick: In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacksoffset validation, which allows attackers to cause a denial of service(load_tile memory exhaustion) via a crafted file</issue> <issue id="1055430" tracker="bnc">VUL-0: CVE-2017-13139: GraphicsMagick,ImageMagick: In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, theReadOneMNGImage function in coders/png.c has an out-of-bounds read withthe MNG CLIP chunk.</issue> <issue id="2016-7530" tracker="cve" /> <issue id="2017-11446" tracker="cve" /> <issue id="2017-11534" tracker="cve" /> <issue id="2017-12428" tracker="cve" /> <issue id="2017-12431" tracker="cve" /> <issue id="2017-12433" tracker="cve" /> <issue id="2017-13133" tracker="cve" /> <issue id="2017-13139" tracker="cve" /> <issue id="2017-15033" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>pgajdos</packager> <description> This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2017-15033: A denial of service attack (memory leak) was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. (bsc#1049379) * CVE-2017-12433: A memory leak in ReadPESImage in coders/pes.c was fixed. (bsc#1052545) * CVE-2017-12428: A memory leak in ReadWMFImage in coders/wmf.c was fixed. (bsc#1052249) * CVE-2017-12431: A use-after-free in ReadWMFImage was fixed. (bsc#1052253) * CVE-2017-11534: A memory leak in the lite_font_map() in coders/wmf.c was fixed. (bsc#1050135) * CVE-2017-13133: A memory exhaustion in load_level function in coders/xcf.c was fixed. (bsc#1055219) * CVE-2017-13139: A out-of-bounds read in the ReadOneMNGImage was fixed. (bsc#1055430) This update also reverts an incorrect fix for CVE-2016-7530 [bsc#1054924]. </description> <summary>Security update for ImageMagick</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor