Lucene search

K
suseSuseSUSE-SU-2017:2229-1
HistoryAug 22, 2017 - 6:07 p.m.

Security update for GraphicsMagick (important)

2017-08-2218:07:53
lists.opensuse.org
43

0.224 Low

EPSS

Percentile

96.0%

This update for GraphicsMagick fixes the following issues:

Security issues fixed:

  • CVE-2017-8350: The PNG/JNG decoder recieved an incremental fix, fixing
    some related issues in the same code. (bsc#1036985)
  • CVE-2017-9439: A memory leak was found in the function ReadPDBImage
    incoders/pdb.c (bsc#1042826)
  • CVE-2017-9501: An assertion failure could cause a denial of service via
    a crafted file (bsc#1043289)
  • CVE-2017-11403: The ReadMNGImage function in coders/png.c has an
    out-of-order CloseBlob call, resulting in a use-after-free via a crafted
    file (bsc#1049072)
  • CVE-2017-11643: A heap overflow in WriteCMYKImage()function in
    coders/cmyk.c was fixed (bsc#1050611)
  • CVE-2017-11636: A heap overflow in WriteRGBImage() in coders/rgb.c was
    fixed (bsc#1050674)