ImageMagick 6.9.12.x with a bunch security fixes

This update's test gating status has been changed to 'waiting'.

3 weeks ago

This update has been submitted for testing by bodhi.

3 weeks ago

This update's test gating status has been changed to 'ignored'.

3 weeks ago

This update has been pushed to testing.

3 weeks ago
User Icon remi commented & provided feedback 3 weeks ago

subscribe

sergiomb edited this update.

3 weeks ago

sergiomb edited this update.

3 weeks ago

This update can be pushed to stable now if the maintainer wishes

2 weeks ago

sergiomb edited this update.

New build(s):

  • ImageMagick-6.9.12.48-1.el8

Removed build(s):

  • ImageMagick-6.9.12.44-1.el8

Karma has been reset.

2 weeks ago

This update has been submitted for testing by sergiomb.

2 weeks ago

This update has been pushed to testing.

2 weeks ago

sergiomb edited this update.

New build(s):

  • ImageMagick-6.9.12.48-2.el8

Removed build(s):

  • ImageMagick-6.9.12.48-1.el8

Karma has been reset.

2 weeks ago

This update has been submitted for testing by sergiomb.

2 weeks ago
User Icon sergiomb commented & provided feedback 2 weeks ago

ImageMagick-6.9.12.48-2.el8

  • Not require libraw on aaarch64

This update has been pushed to testing.

2 weeks ago
User Icon sergiomb commented & provided feedback a week ago

ImageMagick soname bump was approved [0] in EPEL Steering Committee meeting. and I'm continuing with the process for incompatible upgrades from step 4 forward [1]. and 81 security bugs will be fixed

[0] https://meetbot.fedoraproject.org/teams/epel/epel.2022-04-13-20.00.html [1] https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades/#process_for_incompatible_upgrades

This update's test gating status has been changed to 'waiting'.

a week ago

This update's test gating status has been changed to 'ignored'.

6 days ago

This update's test gating status has been changed to 'waiting'.

6 days ago

This update's test gating status has been changed to 'ignored'.

6 days ago

This update can be pushed to stable now if the maintainer wishes

6 days ago

This update has been submitted for stable by sergiomb.

5 days ago

This update has been pushed to stable.

5 days ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
3 weeks ago
in testing
2 weeks ago
in stable
5 days ago
modified
2 weeks ago
BZ#1767804 CVE-2019-15141 ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c [epel-8]
0
0
BZ#1767814 CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c [epel-8]
0
0
BZ#1767830 CVE-2019-15140 ImageMagick: use-after-free in ReadImage in MagickCore/constitute.c [epel-8]
0
0
BZ#1772645 CVE-2017-11166 ImageMagick: memory leak vulnerability in ReadXWDImage function in coders/xwd.c [epel-8]
0
0
BZ#1777545 CVE-2014-8561 ImageMagick: convert +profile regression enters infinite loop exhausting memory [epel-8]
0
0
BZ#1792470 CVE-2019-19952 ImageMagick: use-after-free in MngInfoDiscardObject in coders/png.c [epel-8]
0
0
BZ#1792482 CVE-2019-19949 ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c [epel-8]
0
0
BZ#1793178 CVE-2019-19948 ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c [epel-8]
0
0
BZ#1801664 CVE-2019-16709 ImageMagick: memory leak in coders/dps.c [epel-8]
0
0
BZ#1801669 CVE-2019-16708 ImageMagick: memory leak in magick/xwindow.c [epel-8]
0
0
BZ#1801671 CVE-2019-16710 ImageMagick: memory leak in coders/dot.c [epel-8]
0
0
BZ#1801678 CVE-2019-16711 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c [epel-8]
0
0
BZ#1801679 CVE-2019-16712 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c [epel-8]
0
0
BZ#1801683 CVE-2019-16713 ImageMagick: memory leak in coders/dot.c [epel-8]
0
0
BZ#1820589 CVE-2019-18853 ImageMagick: XML_PARSE_HUGE not properly restricted in coders/svg.c [epel-8]
0
0
BZ#1890690 CVE-2020-27560 ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c [epel-8]
0
0
BZ#1901225 CVE-2020-25664 ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901227 CVE-2020-25665 ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c [epel-8]
0
0
BZ#1901229 CVE-2020-25666 ImageMagick: outside the range of representable values of type int and signed integer overflow in MagickCore/histogram.c [epel-8]
0
0
BZ#1901231 CVE-2020-25667 ImageMagick: heap-based buffer overflow in TIFFGetProfiles in coders/tiff.c [epel-8]
0
0
BZ#1901233 CVE-2020-25674 ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c [epel-8]
0
0
BZ#1901236 CVE-2020-25675 ImageMagick: outside the range of representable values of type 'long' and integer overflow at MagickCore/transform.c and MagickCore/image.c [epel-8]
0
0
BZ#1901239 CVE-2020-25676 ImageMagick: outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c and MagickCore/cache.c [epel-8]
0
0
BZ#1901241 CVE-2020-27750 ImageMagick: division by zero in MagickCore/colorspace-private.h [epel-8]
0
0
BZ#1901243 CVE-2020-27751 ImageMagick: integer overflow in MagickCore/quantum-export.c [epel-8]
0
0
BZ#1901245 CVE-2020-25663 ImageMagick: use-after-free, heap-buffer-overflow triggered by GetPixelRed, GetPixelBlue in MagickCore/pixel-accessor.h [epel-8]
0
0
BZ#1901247 CVE-2020-27752 ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901249 CVE-2020-27753 ImageMagick: memory leaks in AcquireMagickMemory function [epel-8]
0
0
BZ#1901251 CVE-2020-27754 ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c [epel-8]
0
0
BZ#1901253 CVE-2020-27755 ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c [epel-8]
0
0
BZ#1901257 CVE-2020-27756 ImageMagick: division by zero at MagickCore/geometry.c [epel-8]
0
0
BZ#1901259 CVE-2020-27757 ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901261 CVE-2020-27758 ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c [epel-8]
0
0
BZ#1901263 CVE-2020-27759 ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c [epel-8]
0
0
BZ#1901265 CVE-2020-27760 ImageMagick: division by zero at MagickCore/enhance.c [epel-8]
0
0
BZ#1901267 CVE-2020-27761 ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c [epel-8]
0
0
BZ#1901269 CVE-2020-27762 ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c [epel-8]
0
0
BZ#1901271 CVE-2020-27763 ImageMagick: division by zero at MagickCore/resize.c [epel-8]
0
0
BZ#1901273 CVE-2020-27764 ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c [epel-8]
0
0
BZ#1901275 CVE-2020-27765 ImageMagick: division by zero at MagickCore/segment.c [epel-8]
0
0
BZ#1901277 CVE-2020-27766 ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c [epel-8]
0
0
BZ#1901279 CVE-2020-27767 ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h [epel-8]
0
0
BZ#1901281 CVE-2020-27768 ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901283 CVE-2020-27769 ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c [epel-8]
0
0
BZ#1901285 CVE-2020-27770 ImageMagick: unsigned offset overflowed at MagickCore/string.c [epel-8]
0
0
BZ#1901287 CVE-2020-27771 ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c [epel-8]
0
0
BZ#1901289 CVE-2020-27772 ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c [epel-8]
0
0
BZ#1901291 CVE-2020-27773 ImageMagick: division by zero at MagickCore/gem-private.h [epel-8]
0
0
BZ#1901293 CVE-2020-27774 ImageMagick: integer overflow at MagickCore/statistic.c [epel-8]
0
0
BZ#1901295 CVE-2020-27775 ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h [epel-8]
0
0
BZ#1901297 CVE-2020-27776 ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c [epel-8]
0
0
BZ#1907457 CVE-2020-29599 ImageMagick: Shell injection via PDF password could result in arbitrary code execution [epel-8]
0
0
BZ#1922526 CVE-2020-27829 ImageMagick: heap buffer overflow in coders/tiff.c [epel-8]
0
0
BZ#1929886 CVE-2021-20246 ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c [epel-8]
0
0
BZ#1929889 CVE-2021-20245 ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c [epel-8]
0
0
BZ#1929894 CVE-2021-20241 ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c [epel-8]
0
0
BZ#1929932 CVE-2021-20244 ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c [epel-8]
0
0
BZ#1932009 CVE-2021-20243 ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c [epel-8]
0
0
BZ#1946723 CVE-2021-20309 ImageMagick: ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c [epel-8]
0
0
BZ#1946729 CVE-2021-20310 ImageMagick: Division by zero in ConvertXYZToJzazbz() of MagickCore/colorspace.c [epel-8]
0
0
BZ#1946740 CVE-2021-20311 ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c [epel-8]
0
0
BZ#1946743 CVE-2021-20312 ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c [epel-8]
0
0
BZ#1947020 CVE-2021-20313 ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c [epel-8]
0
0
BZ#1950841 ImageMagick: division by zero vulnerability in ConvertRGBToHSV() in MagickCore/gem.c [epel-8]
0
0
BZ#1950845 ImageMagick: division by zero vulnerability in ConvertRGBToHSL() in MagickCore/gem.c [epel-8]
0
0
BZ#1950848 ImageMagick: division by zero vulnerability in DrawGradientImage() in MagickCore/draw.c [epel-8]
0
0
BZ#1950851 ImageMagick: division by zero vulnerability in XTextViewWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950854 ImageMagick: division by zero vulnerability in XListBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950858 ImageMagick: division by zero vulnerability in XFontBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950862 ImageMagick: division by zero vulnerability in XFileBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950865 ImageMagick: division by zero vulnerability in XColorBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950868 ImageMagick: division by zero vulnerability in ApplyFunction() in MagickCore/statistic.c [epel-8]
0
0
BZ#1950871 ImageMagick: division by zero vulnerability in DistortImage() in MagickCore/distort.c [epel-8]
0
0
BZ#1950874 ImageMagick: division by zero vulnerability in ConvertLuvToXYZ() in MagickCore/gem-private.h [epel-8]
0
0
BZ#1950877 ImageMagick: division by zero vulnerability in TraceStrokePolygon() in MagickCore/draw.c [epel-8]
0
0
BZ#1970571 CVE-2021-3596 ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c [epel-8]
0
0
BZ#1973691 CVE-2021-3610 ImageMagick: heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c [epel-8]
0
0
BZ#1976976 CVE-2021-34183 ImageMagick: memory leak in AcquireSemaphoreMemory() in semaphore.c and AcquireMagickMemory() in memory.c [epel-8]
0
0
BZ#2009393 CVE-2021-39212 ImageMagick: possible read or write in postscript files [epel-8]
0
0
BZ#2023411 CVE-2021-3962 ImageMagick: heap-use-after-free in at dcm.c RelinquishDCMMemory [epel-8]
0
0
BZ#2054612 CVE-2021-4219 ImageMagick: remote DoS in MagicCore/draw.c via crafted SVG file [epel-8]
0
0

Automated Test Results