Security update for GraphicsMagick (important)

2017-12-0603:09:38

lists.opensuse.org

0.021 Low

EPSS

Percentile

88.1%

JSON

This update for GraphicsMagick fixes the following issues:

Security issues fixed:

CVE-2017-16546: Fix ReadWPGImage function in coders/wpg.c that could
lead to a denial of service (bsc#1067181).
CVE-2017-14342: Fix a memory exhaustion vulnerability in ReadWPGImage in
coders/wpg.c that could lead to a denial of service (bsc#1058485).
CVE-2017-16669: Fix coders/wpg.c that allows remote attackers to cause a
denial of service via crafted files (bsc#1067409).
CVE-2017-16545: Fix the ReadWPGImage function in coders/wpg.c as a
validation problems could lead to a denial of service (bsc#1067184).
CVE-2017-14341: Fix infinite loop in the ReadWPGImage function
(bsc#1058637).
CVE-2017-13737: Fix invalid free in the MagickFree function in
magick/memory.c (tiff.c) (bsc#1056162).
CVE-2017-11640: Fix NULL pointer deref in WritePTIFImage() in
coders/tiff.c (bsc#1050632).

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.2i586libgraphicsmagick++-q16-12-debuginfo< 1.3.25-11.44.1libGraphicsMagick++-Q16-12-debuginfo-1.3.25-11.44.1.i586.rpm
openSUSE Leap42.2i586graphicsmagick-debuginfo< 1.3.25-11.44.1GraphicsMagick-debuginfo-1.3.25-11.44.1.i586.rpm
openSUSE Leap42.2x86_64libgraphicsmagick++-q16-12< 1.3.25-11.44.1libGraphicsMagick++-Q16-12-1.3.25-11.44.1.x86_64.rpm
openSUSE Leap42.2x86_64perl-graphicsmagick-debuginfo< 1.3.25-11.44.1perl-GraphicsMagick-debuginfo-1.3.25-11.44.1.x86_64.rpm
openSUSE Leap42.3i586graphicsmagick-debugsource< 1.3.25-44.1GraphicsMagick-debugsource-1.3.25-44.1.i586.rpm
openSUSE Leap42.3i586libgraphicsmagick++-q16-12-debuginfo< 1.3.25-44.1libGraphicsMagick++-Q16-12-debuginfo-1.3.25-44.1.i586.rpm
openSUSE Leap42.2x86_64graphicsmagick-debuginfo< 1.3.25-11.44.1GraphicsMagick-debuginfo-1.3.25-11.44.1.x86_64.rpm
openSUSE Leap42.2i586libgraphicsmagick-q16-3< 1.3.25-11.44.1libGraphicsMagick-Q16-3-1.3.25-11.44.1.i586.rpm
openSUSE Leap42.2i586perl-graphicsmagick-debuginfo< 1.3.25-11.44.1perl-GraphicsMagick-debuginfo-1.3.25-11.44.1.i586.rpm
openSUSE Leap42.3i586libgraphicsmagick-q16-3< 1.3.25-44.1libGraphicsMagick-Q16-3-1.3.25-44.1.i586.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	42.2	i586	libgraphicsmagick++-q16-12-debuginfo	< 1.3.25-11.44.1	libGraphicsMagick++-Q16-12-debuginfo-1.3.25-11.44.1.i586.rpm
openSUSE Leap	42.2	i586	graphicsmagick-debuginfo	< 1.3.25-11.44.1	GraphicsMagick-debuginfo-1.3.25-11.44.1.i586.rpm
openSUSE Leap	42.2	x86_64	libgraphicsmagick++-q16-12	< 1.3.25-11.44.1	libGraphicsMagick++-Q16-12-1.3.25-11.44.1.x86_64.rpm
openSUSE Leap	42.2	x86_64	perl-graphicsmagick-debuginfo	< 1.3.25-11.44.1	perl-GraphicsMagick-debuginfo-1.3.25-11.44.1.x86_64.rpm
openSUSE Leap	42.3	i586	graphicsmagick-debugsource	< 1.3.25-44.1	GraphicsMagick-debugsource-1.3.25-44.1.i586.rpm
openSUSE Leap	42.3	i586	libgraphicsmagick++-q16-12-debuginfo	< 1.3.25-44.1	libGraphicsMagick++-Q16-12-debuginfo-1.3.25-44.1.i586.rpm
openSUSE Leap	42.2	x86_64	graphicsmagick-debuginfo	< 1.3.25-11.44.1	GraphicsMagick-debuginfo-1.3.25-11.44.1.x86_64.rpm
openSUSE Leap	42.2	i586	libgraphicsmagick-q16-3	< 1.3.25-11.44.1	libGraphicsMagick-Q16-3-1.3.25-11.44.1.i586.rpm
openSUSE Leap	42.2	i586	perl-graphicsmagick-debuginfo	< 1.3.25-11.44.1	perl-GraphicsMagick-debuginfo-1.3.25-11.44.1.i586.rpm
openSUSE Leap	42.3	i586	libgraphicsmagick-q16-3	< 1.3.25-44.1	libGraphicsMagick-Q16-3-1.3.25-44.1.i586.rpm