Описание
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues:
- CVE-2017-18230: Specially crafted CINEON images may have caused a Null pointer dereference (boo#1085233)
- CVE-2017-16353: Specially crafted MIFF images could have allowed for information disclosure (boo#1066170)
- CVE-2017-16352: Specially crafted MIFF images may have caused a heap-based buffer overflow (boo#1066168)
- CVE-2017-14314: Specially crafted image files may have caused a denial of service (boo#1058630)
- CVE-2017-14505: Specially crafted image files may have caused a Null pointer dereference (boo#1059735)
- CVE-2017-15016: Specially crafted EMF images may have caused a Null pointer dereference (boo#1082291)
- CVE-2017-15017: Specially crafted MSG images may have caused a Null pointer dereference (boo#1082283)
- CVE-2017-18219: Specially crafted image files may have been used to cause an application crash (boo#1084060)
- CVE-2017-18220: Specially crafted PNG images may have been used to cause a denial of service (boo#1084062)
Список пакетов
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2018:0733-1
- SUSE Security Ratings
Описание
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2017-14314
- SUSE Bug 1058630
Описание
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
Затронутые продукты
Ссылки
- CVE-2017-14505
- SUSE Bug 1059735
Описание
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
Затронутые продукты
Ссылки
- CVE-2017-15016
- SUSE Bug 1082291
Описание
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
Затронутые продукты
Ссылки
- CVE-2017-15017
- SUSE Bug 1082283
Описание
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.
Затронутые продукты
Ссылки
- CVE-2017-16352
- SUSE Bug 1066168
- SUSE Bug 1066170
Описание
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.
Затронутые продукты
Ссылки
- CVE-2017-16353
- SUSE Bug 1066170
Описание
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
Затронутые продукты
Ссылки
- CVE-2017-18219
- SUSE Bug 1084060
Описание
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403.
Затронутые продукты
Ссылки
- CVE-2017-18220
- SUSE Bug 1084062
Описание
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.
Затронутые продукты
Ссылки
- CVE-2017-18230
- SUSE Bug 1085233