openSUSE-SU-2017:3270-1

Published: 12 Dec 2017
Source: suse-cvrf

Description

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues:

* CVE-2017-12140: ReadDCMImage in coders\dcm.c has an integer signedness error leading to excessive memory consumption (bnc#1051847)
* CVE-2017-14994: NULL pointer in ReadDCMImage in coders/dcm.c could lead to denial of service (bnc#1061587)
* CVE-2017-12662: Memory leak in WritePDFImage in coders/pdf.c could lead to denial of service (bnc#1052758)
* CVE-2017-14733: Heap overflow on ReadRLEImage in coders/rle.c could lead to denial of service (bnc#1060577)
* CVE-2017-12644: Memory leak in ReadDCMImage in coders\dcm.c could lead to denial of service (bnc#1052764)
* CVE-2017-10799: denial of service (OOM) can occur in ReadDPXImage() (bnc#1047054)

Package list

openSUSE Leap 42.2
GraphicsMagick-1.3.25-47.1
GraphicsMagick-devel-1.3.25-47.1
libGraphicsMagick++-Q16-12-1.3.25-47.1
libGraphicsMagick++-devel-1.3.25-47.1
libGraphicsMagick-Q16-3-1.3.25-47.1
libGraphicsMagick3-config-1.3.25-47.1
libGraphicsMagickWand-Q16-2-1.3.25-47.1
perl-GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.3
GraphicsMagick-1.3.25-47.1
GraphicsMagick-devel-1.3.25-47.1
libGraphicsMagick++-Q16-12-1.3.25-47.1
libGraphicsMagick++-devel-1.3.25-47.1
libGraphicsMagick-Q16-3-1.3.25-47.1
libGraphicsMagick3-config-1.3.25-47.1
libGraphicsMagickWand-Q16-2-1.3.25-47.1
perl-GraphicsMagick-1.3.25-47.1

Description

When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().


Affected products
openSUSE Leap 42.2:GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2:GraphicsMagick-devel-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-Q16-12-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-devel-1.3.25-47.1

References

Description

The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.


Affected products
openSUSE Leap 42.2:GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2:GraphicsMagick-devel-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-Q16-12-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-devel-1.3.25-47.1

References

Description

ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.


Affected products
openSUSE Leap 42.2:GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2:GraphicsMagick-devel-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-Q16-12-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-devel-1.3.25-47.1

References

Description

ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.


Affected products
openSUSE Leap 42.2:GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2:GraphicsMagick-devel-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-Q16-12-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-devel-1.3.25-47.1

References

Description

ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.


Affected products
openSUSE Leap 42.2:GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2:GraphicsMagick-devel-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-Q16-12-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-devel-1.3.25-47.1

References

Description

ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.


Affected products
openSUSE Leap 42.2:GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2:GraphicsMagick-devel-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-Q16-12-1.3.25-47.1
openSUSE Leap 42.2:libGraphicsMagick++-devel-1.3.25-47.1

References
Vulnerability openSUSE-SU-2017:3270-1