Описание
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues:
- a possible shell execution attack was fixed. if the first character of an input filename for 'convert' was a '|' then the remainder of the filename was passed to the shell (CVE-2016-5118, boo#982178)
- Maliciously crafted pnm files could crash GraphicsMagick (CVE-2014-9805, [boo#983752])
- Prevent overflow in rle files (CVE-2014-9846, boo#983521)
- Fix a double free in pdb coder (CVE-2014-9807, boo#983794)
- Fix a possible crash due to corrupted xwd images (CVE-2014-9809, boo#983799)
- Fix a possible crash due to corrupted wpg images (CVE-2014-9815, boo#984372)
- Fix a heap buffer overflow in pdb file handling (CVE-2014-9817, boo#984400)
- Fix a heap overflow in xpm files (CVE-2014-9820, boo#984150)
- Fix a heap overflow in pict files (CVE-2014-9834, boo#984436)
- Fix a heap overflow in wpf files (CVE-2014-9835, CVE-2014-9831, boo#984145, boo#984375)
- Additional PNM sanity checks (CVE-2014-9837, boo#984166)
- Fix a possible crash due to corrupted dib file (CVE-2014-9845, boo#984394)
- Fix out of bound in quantum handling (CVE-2016-7529, boo#1000399)
- Fix out of bound access in xcf file coder (CVE-2016-7528, boo#1000434)
- Fix handling of corrupted lle files (CVE-2016-7515, boo#1000689)
- Fix out of bound access for malformed psd file (CVE-2016-7522, boo#1000698)
- Fix out of bound access for pbd files (CVE-2016-7531, boo#1000704)
- Fix out of bound access in corrupted wpg files (CVE-2016-7533, boo#1000707)
- Fix out of bound access in corrupted pdb files (CVE-2016-7537, boo#1000711)
- BMP Coder Out-Of-Bounds Write Vulnerability (CVE-2016-6823, boo#1001066)
- SGI Coder Out-Of-Bounds Read Vulnerability (CVE-2016-7101, boo#1001221)
- Divide by zero in WriteTIFFImage (do not divide by zero in WriteTIFFImage, boo#1002206)
- Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (fix buffer overflow, boo#1002209)
- 8BIM/8BIMW unsigned underflow leads to heap overflow (CVE-2016-7800, boo#1002422)
- wpg reader issues (CVE-2016-7996, CVE-2016-7997, boo#1003629)
- Mismatch between real filesize and header values (CVE-2016-8684, boo#1005123)
- Stack-buffer read overflow while reading SCT header (CVE-2016-8682, boo#1005125)
- Check that filesize is reasonable compared to the header value (CVE-2016-8683, boo#1005127)
- Memory allocation failure in AcquireMagickMemory (CVE-2016-8862, boo#1007245)
- heap-based buffer overflow in IsPixelGray (CVE-2016-9556, boo#1011130)
Список пакетов
openSUSE Leap 42.2
Ссылки
- E-Mail link for openSUSE-SU-2016:3060-1
- SUSE Security Ratings
Описание
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
Затронутые продукты
Ссылки
- CVE-2014-9805
- SUSE Bug 982969
- SUSE Bug 983752
Описание
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2014-9807
- SUSE Bug 982969
- SUSE Bug 983794
Описание
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
Затронутые продукты
Ссылки
- CVE-2014-9809
- SUSE Bug 982969
- SUSE Bug 983799
Описание
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
Затронутые продукты
Ссылки
- CVE-2014-9815
- SUSE Bug 982969
- SUSE Bug 984372
Описание
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
Затронутые продукты
Ссылки
- CVE-2014-9817
- SUSE Bug 982969
- SUSE Bug 984400
Описание
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
Затронутые продукты
Ссылки
- CVE-2014-9820
- SUSE Bug 982969
- SUSE Bug 984150
Описание
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
Затронутые продукты
Ссылки
- CVE-2014-9831
- SUSE Bug 982969
- SUSE Bug 984375
Описание
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
Затронутые продукты
Ссылки
- CVE-2014-9834
- SUSE Bug 982969
- SUSE Bug 984436
Описание
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
Затронутые продукты
Ссылки
- CVE-2014-9835
- SUSE Bug 982969
- SUSE Bug 984145
- SUSE Bug 984375
Описание
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
Затронутые продукты
Ссылки
- CVE-2014-9837
- SUSE Bug 982969
- SUSE Bug 984166
Описание
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
Затронутые продукты
Ссылки
- CVE-2014-9845
- SUSE Bug 982969
- SUSE Bug 984394
Описание
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
Затронутые продукты
Ссылки
- CVE-2014-9846
- SUSE Bug 982969
- SUSE Bug 983521
- SUSE Bug 984408
Описание
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
Затронутые продукты
Ссылки
- CVE-2014-9853
- SUSE Bug 982969
- SUSE Bug 984408
Описание
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Затронутые продукты
Ссылки
- CVE-2016-5118
- SUSE Bug 982178
Описание
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
Затронутые продукты
Ссылки
- CVE-2016-6823
- SUSE Bug 1001066
- SUSE Bug 1002207
Описание
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
Затронутые продукты
Ссылки
- CVE-2016-7101
- SUSE Bug 1001221
- SUSE Bug 1002207
Описание
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
Затронутые продукты
Ссылки
- CVE-2016-7515
- SUSE Bug 1000689
- SUSE Bug 1000695
Описание
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Затронутые продукты
Ссылки
- CVE-2016-7522
- SUSE Bug 1000698
Описание
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
Затронутые продукты
Ссылки
- CVE-2016-7528
- SUSE Bug 1000434
Описание
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
Затронутые продукты
Ссылки
- CVE-2016-7529
- SUSE Bug 1000399
- SUSE Bug 1000434
- SUSE Bug 1000703
- SUSE Bug 1054924
Описание
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
Затронутые продукты
Ссылки
- CVE-2016-7531
- SUSE Bug 1000704
Описание
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
Затронутые продукты
Ссылки
- CVE-2016-7533
- SUSE Bug 1000707
Описание
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
Затронутые продукты
Ссылки
- CVE-2016-7537
- SUSE Bug 1000711
Описание
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
Затронутые продукты
Ссылки
- CVE-2016-7800
- SUSE Bug 1002422
Описание
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
Затронутые продукты
Ссылки
- CVE-2016-7996
- SUSE Bug 1003629
- SUSE Bug 1067184
Описание
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
Затронутые продукты
Ссылки
- CVE-2016-7997
- SUSE Bug 1003629
Описание
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
Затронутые продукты
Ссылки
- CVE-2016-8682
- SUSE Bug 1005125
Описание
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Затронутые продукты
Ссылки
- CVE-2016-8683
- SUSE Bug 1005127
Описание
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Затронутые продукты
Ссылки
- CVE-2016-8684
- SUSE Bug 1005123
Описание
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
Затронутые продукты
Ссылки
- CVE-2016-8862
- SUSE Bug 1007245
- SUSE Bug 1009318
- SUSE Bug 1031267
Описание
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
Затронутые продукты
Ссылки
- CVE-2016-9556
- SUSE Bug 1011130
- SUSE Bug 1013376