openSUSE-SU-2018:2672-1

Опубликовано: 08 сент. 2018

Источник: suse-cvrf

Описание

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following security issue:

CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855).

Список пакетов

openSUSE Leap 42.3

GraphicsMagick-1.3.25-102.1

GraphicsMagick-devel-1.3.25-102.1

libGraphicsMagick++-Q16-12-1.3.25-102.1

libGraphicsMagick++-devel-1.3.25-102.1

libGraphicsMagick-Q16-3-1.3.25-102.1

libGraphicsMagick3-config-1.3.25-102.1

libGraphicsMagickWand-Q16-2-1.3.25-102.1

perl-GraphicsMagick-1.3.25-102.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2018-09/msg00019.html
E-Mail link for openSUSE-SU-2018:2672-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.

Затронутые продукты

openSUSE Leap 42.3:GraphicsMagick-1.3.25-102.1

openSUSE Leap 42.3:GraphicsMagick-devel-1.3.25-102.1

openSUSE Leap 42.3:libGraphicsMagick++-Q16-12-1.3.25-102.1

openSUSE Leap 42.3:libGraphicsMagick++-devel-1.3.25-102.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16323.html
CVE-2018-16323
https://bugzilla.suse.com/1106855
SUSE Bug 1106855

openSUSE-SU-2018:2672-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-16323

Описание

Затронутые продукты

Ссылки