FEDORA-EPEL-2018-ce6223e559

security update in Fedora EPEL 7 for GraphicsMagick

Status: stable a year ago

Latest stable release, includes many bug and security fixes.

See also http://www.graphicsmagick.org/NEWS.html#january-20-2017

How to install

sudo dnf upgrade --advisory=FEDORA-EPEL-2018-ce6223e559

Comments 7

This update has been submitted for testing by rdieter.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by rdieter.

Bodhi is unable to request this update for stabilization: invalid syntax (ssl.py, line 7)

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
0
stable threshold: 2
unstable threshold: -4
Autopush
Enabled
Dates
submitted 2 years ago
in testing a year ago
in stable a year ago

Related Bugs 16

00 #1473729 CVE-2017-11102 GraphicsMagick: Input validation failure in ReadOneJNGImage function may cause denial of service [epel-all]
00 #1473741 CVE-2017-11139 GraphicsMagick: double free vulnerabilities in the [epel-all]
00 #1473752 CVE-2017-11140 GraphicsMagick: Resource exhaustion denial of service in ReadJPEGImage function [epel-all]
00 #1475454 CVE-2017-11637 GraphicsMagick: NULL pointer dereference in WritePCLImage() in coders/pcl.c [epel-all]
00 #1475458 CVE-2017-11636 GraphicsMagick: Heap based buffer over-write in WriteRGBImage in coders/rgb.c [epel-all]
00 #1475490 CVE-2017-11641 GraphicsMagick: Memory Leak in the PersistCache in magick/pixel_cache.c [epel-all]
00 #1475498 CVE-2017-11643 GraphicsMagick: Heap based over-write in WriteCMYKImagefunction in coders/cmyk.c [epel-all]
00 #1484483 CVE-2017-13147 GraphicsMagick: Allocation failure in ReadMNGImage function in coders/png.c [epel-all]
00 #1512038 CVE-2017-16669 GraphicsMagick: Heap buffer over-write in AcquireCacheNexus function in magick/pixel_cache.c [epel-all]
00 #1512049 CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [epel-all]
00 #1528037 CVE-2017-17782 GraphicsMagick: heap-based buffer over-read in ReadOneJNGImage function in coders/png.c [epel-all]
00 #1528051 CVE-2017-17783 GraphicsMagick: heap based buffer over-read in ReadPALMImage in coders/palm.c [epel-all]
00 #1529535 CVE-2017-17915 GraphicsMagick: Memory leak in the function ReadMNGImage in coders/png.c [epel-all]
00 #1529557 CVE-2017-17913 GraphicsMagick: stack-based buffer over-read in WriteWEBPImage in coders/webp.c [epel-all]
00 #1529580 CVE-2017-17912 GraphicsMagick: GraphicsMagick: heap-based buffer over-read in ReadNewsProfile in coders/tiff.c [epel-all]
00 #1536951 CVE-2018-5685 GraphicsMagick: Infinite loop and application hang in coders/bmp.c:ReadBMPImage [epel-all]

Automated Test Results