Lucene search
SuseSUSE-SU-2016:1783-1HistoryJul 11, 2016 - 4:19 p.m.
Security update for GraphicsMagick (important)
2016-07-1116:19:50
lists.opensuse.org
17
0.023 Low
EPSS
Percentile
88.5%
GraphicsMagick was updated to fix 37 security issues.
These security issues were fixed:
- CVE-2014-9810: SEGV in dpx file handler (bsc#983803).
- CVE-2014-9811: Crash in xwd file handler (bsc#984032).
- CVE-2014-9813: Crash on corrupted viff file (bsc#984035).
- CVE-2014-9814: NULL pointer dereference in wpg file handling
(bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).
- CVE-2014-9816: Out of bound access in viff image (bsc#984398).
- CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).
- CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).
- CVE-2014-9819: Heap overflow in palm files (bsc#984142).
- CVE-2014-9830: Handling of corrupted sun file (bsc#984135).
- CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).
- CVE-2014-9837: Additional PNM sanity checks (bsc#984166).
- CVE-2014-9834: Heap overflow in pict file (bsc#984436).
- CVE-2014-9853: Memory leak in rle file handling (bsc#984408).
- CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).
- CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).
- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG
(bsc#985442). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).
- CVE-2015-8896: Double free / integer truncation issue in
coders/pict.c:2000 (bsc#983533). - CVE-2014-9807: Double free in pdb coder. (bsc#983794).
- CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).
- CVE-2014-9805: SEGV due to a corrupted pnm file (bsc#983752).
- CVE-2014-9808: SEGV due to corrupted dpc images (bsc#983796).
- CVE-2014-9820: Heap overflow in xpm files (bsc#984150).
- CVE-2014-9839: Theoretical out of bound access in
magick/colormap-private.h (bsc#984379). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799).
- CVE-2016-5240: SVG converting issue resulting in DoS (endless loop)
(bsc#983309). - CVE-2014-9840: Out of bound access in palm file (bsc#984433).
- CVE-2014-9847: Incorrect handling of "previous" image in the JNG decoder
(bsc#984144). - CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion
(bsc#983455). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).
- CVE-2014-9844: Out of bound issue in rle file (bsc#984373).
- CVE-2014-9835: Heap overflow in wpf file (bsc#984145).
- CVE-2014-9829: Out of bound access in sun file (bsc#984409).
- CVE-2014-9846: Added checks to prevent overflow in rle file.
(bsc#983521). - CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG
files (bsc#965853). - CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG
files (bsc#965853).
References
bugzilla.suse.com/965853
bugzilla.suse.com/983234
bugzilla.suse.com/983259
bugzilla.suse.com/983309
bugzilla.suse.com/983455
bugzilla.suse.com/983521
bugzilla.suse.com/983523
bugzilla.suse.com/983533
bugzilla.suse.com/983752
bugzilla.suse.com/983794
bugzilla.suse.com/983796
bugzilla.suse.com/983799
bugzilla.suse.com/983803
bugzilla.suse.com/984028
bugzilla.suse.com/984032
bugzilla.suse.com/984035
bugzilla.suse.com/984135
bugzilla.suse.com/984142
bugzilla.suse.com/984144
bugzilla.suse.com/984145
bugzilla.suse.com/984150
bugzilla.suse.com/984166
bugzilla.suse.com/984181
bugzilla.suse.com/984193
bugzilla.suse.com/984372
bugzilla.suse.com/984373
bugzilla.suse.com/984375
bugzilla.suse.com/984379
bugzilla.suse.com/984394
bugzilla.suse.com/984398
bugzilla.suse.com/984400
bugzilla.suse.com/984408
bugzilla.suse.com/984409
bugzilla.suse.com/984433
bugzilla.suse.com/984436
bugzilla.suse.com/985442
Related
nessus
nessus
openSUSE Security Update : GraphicsMagick (openSUSE-2016-825)
2016-07-05 00:00:00
openSUSE Security Update : GraphicsMagick (openSUSE-2016-984)
2016-08-16 00:00:00
SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:1782-1)
2016-08-29 00:00:00
suse
suse
Security update for GraphicsMagick (important)
2016-07-01 17:07:58
Security update for GraphicsMagick (important)
2016-08-15 15:11:03
Security update for ImageMagick (important)
2016-07-11 16:08:01
openvas
openvas
openSUSE: Security Advisory for GraphicsMagick (openSUSE-SU-2016:1724-1)
2016-07-02 00:00:00
openSUSE: Security Advisory for GraphicsMagick (openSUSE-SU-2016:2073-1)
2016-08-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:1782-1)
2021-06-09 00:00:00
amazon
amazon
Important: GraphicsMagick
2016-06-22 15:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: GraphicsMagick-1.3.24-1.fc22
2016-06-19 07:19:42
[SECURITY] Fedora 24 Update: GraphicsMagick-1.3.24-1.fc24
2016-06-18 19:49:22
[SECURITY] Fedora 23 Update: GraphicsMagick-1.3.24-1.fc23
2016-06-19 07:29:29
debian
debian
[SECURITY] [DLA 574-1] graphicsmagick security update
2016-07-11 16:27:25
[SECURITY] [DLA 731-1] imagemagick security update
2016-12-02 05:44:49
osv
osv
graphicsmagick - security update
2016-07-11 00:00:00
imagemagick - security update
2016-12-02 00:00:00
CVE-2016-2317
2017-02-03 15:59:00
mageia
mageia
Updated graphicsmagick packages fix security vulnerability
2016-07-14 23:33:59
ubuntu
ubuntu
ImageMagick vulnerabilities
2016-11-21 00:00:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2017-03-01 02:14:19
Heap Overflow In The Wpf File
2017-03-21 08:24:22
Buffer Overflow
2017-03-21 07:03:13
prion
prion
Design/Logic Flaw
2017-08-07 20:29:00
Design/Logic Flaw
2017-02-27 22:59:00
Design/Logic Flaw
2017-08-07 20:29:00
alpinelinux
alpinelinux
ubuntucve
ubuntucve
debiancve
debiancve
freebsd
freebsd
GraphicsMagick -- SVG/Rendering vulnerability
2018-06-23 00:00:00