FEDORA-2017-c276ee400a — security update for ImageMagick

ImageMagick-7.0.6-9.2.fc25

FEDORA-2017-c276ee400a created by moezroy 4 years ago for Fedora 25

obsolete

Tagging this update now as it is an urgent fix. This update includes a soname bump so affected packages will need to be rebuilt by the package maintainer or someone with proven packager privs.

This update fixes ImageTragick in Fedora as well as numerous other security issues such as:

Fix CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c - bug #1475485
Fix CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c - bug #1475470
Fix CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c - bug #1475463
Fix CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c - bug #1474845
Fix CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws - bug #1474363,1474391
Fix CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function - bug #1473847
Fix CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c - bug #1473824
Fix CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function - bug #1473801
Fix CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c - bug #1473798
Fix CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input - bug #1473796
Fix CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c - bug #1473774
Fix CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c - bug #1473757
Fix CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function - bug #1473717
Fix CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) - bug #1471835 - Fix CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function - bug #1471121
Fix CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file - bug #1470669
Fix CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws - bug #1445676,1445677,1445679,1449253
Fix CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws - bug #1455578,1455581,1455583,1455584
Fix CVE-2016-9559 ImageMagick: Null pointer dereference in tiff.c - bug #1398189,1398198,1413898
Fix CVE-2017-5507 ImageMagick: Memory leak in mpc file handling - bug #1414444
Fix CVE-2016-10146 ImageMagick: Memory leak in caption and label handling - bug #1414446
Fix CVE-2017-5508 ImageMagick: Heap-buffer-overflow in PushQuantumPixel - bug #1414445
Fix CVE-2016-10070 ImageMagick: Out-of-bounds read in mat.c - bug #1410510
Fix CVE-2017-5506 ImageMagick: Double-free memory corruption in profile.c - bug #1414442
Fix CVE-2016-10064 ImageMagick: Buffer overflow in tiff.c - bug #1410478
Fix CVE-2016-10071 ImageMagick: Out-of-bounds read in mat.c - bug #1410513
Fix CVE-2016-10059 ImageMagick: TIFF file buffer overflow - bug #1410469
Fix CVE-2016-10057 ImageMagick: Buffer overflow in CALS coder - bug #1410466
Fix CVE-2016-10052 ImageMagick: Out-of-bounds write in exif (jpeg) reader - bug #1410459
Fix CVE-2016-10050 ImageMagick: Heap overflow when reading corrupt RLE files - bug #1410454
Fix CVE-2016-10049 ImageMagick: Buffer overflow when reading corrupt RLE files - bug #1410452
Fix CVE-2016-10046 ImageMagick: Buffer overflow in draw.c - bug #1410448
Fix CVE-2016-8677 ImageMagick: Memory allocation failure in AcquireQuantumPixel - bug #1385698
Fix CVE-2016-7906 ImageMagick: Mogrify heap-use-after-free in attribute.c - bug #1381141
Fix CVE-2016-7799 ImageMagick: Mogrify buffer over-read in profile.c - bug #1381138 - ImageMagick: Hang when supplying file ending with colon to identify - bug #1380428
Fix CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws - bug #1378734,1378735,1378736,1378738,1378733,1378739,1378741,1378743,1378744,1378745,1378746,1378747,1378748,1378751,1378754,1378756,1378757,1378758,1378759,1378760,1378761,1378762,1378763,1378764,1378765,1378767,1378768,1378772,1378773,1378775,1378776,1378777,1378790
Fix CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file - bug #1354500,1361578

Logout Required

After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

This update has been submitted for testing by moezroy.

4 years ago

mooninite edited this update.

4 years ago

remi commented & provided feedback 4 years ago

karma

Not acceptable, see update policy.

lupinix commented & provided feedback 4 years ago

karma

The required rebuilds have to be done first and then pushed as one ssingle update. But the update is not compatible with update policy anyway :( (soname bump etc.)

besser82 commented & provided feedback 4 years ago

karma

Even 6.9.9.X breaks SO-name. @kevin did an update to that in Rawhide before branching and it required several rebuilds. So IMHO it doesn't matter which version gets pushed, since both require the rebuild of their consuming apps and libs.

@moezroy Please rebuild all consumers of libimagemagick against this update / or 6.9.9.X and make sure they are a part of this update.

This update has been obsoleted.

4 years ago

robert commented & provided feedback 4 years ago

karma

ABI breakage.

Please login to add feedback.

Metadata

Type

security

Severity

urgent

Karma

-4

Signed

Content Type

RPM

Test Gating

Builds

ImageMagick-7.0.6-9.2.fc25

Settings

Unstable by Karma

-3

Stable by Karma

disabled

Stable by Time

disabled

Dates

submitted

4 years ago

modified

4 years ago

ImageMagick-7.0.6-9.2.fc25

Logout Required

Automated Test Results