Описание
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues:
- CVE-2017-11637: Fixed a NULL pointer dereference in WritePCLImage() in coders/pcl.c (boo#1050669)
- CVE-2017-11638, CVE-2017-11642: Fixed a NULL pointer dereference in theWriteMAPImage() in coders/map.c (boo#1050617)
- CVE-2017-17503: Fixed a heap-based buffer overflow in the ReadGRAYImage (boo#1072934)
- CVE-2017-14060: Fixed a NULL Pointer Dereference issue in the ReadCUTImage function in coders/cut.c that could cause a Denial of Service (boo#1056768)
Список пакетов
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2018:0496-1
- SUSE Security Ratings
Описание
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
Затронутые продукты
Ссылки
- CVE-2017-11637
- SUSE Bug 1050669
Описание
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
Затронутые продукты
Ссылки
- CVE-2017-11638
- SUSE Bug 1050617
Описание
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
Затронутые продукты
Ссылки
- CVE-2017-11642
- SUSE Bug 1050617
Описание
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
Затронутые продукты
Ссылки
- CVE-2017-14060
- SUSE Bug 1056768
Описание
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
Затронутые продукты
Ссылки
- CVE-2017-17503
- SUSE Bug 1072934
- SUSE Bug 1073081
- SUSE Bug 1077737