ImageMagick soname bump was approved [0] in EPEL Steering Committee meeting.
and I'm continuing with the process for incompatible upgrades from step 4 forward [1].
and 81 security bugs will be fixed
BZ#1792470 CVE-2019-19952 ImageMagick: use-after-free in MngInfoDiscardObject in coders/png.c [epel-8]
0
0
BZ#1792482 CVE-2019-19949 ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c [epel-8]
0
0
BZ#1793178 CVE-2019-19948 ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c [epel-8]
0
0
BZ#1801664 CVE-2019-16709 ImageMagick: memory leak in coders/dps.c [epel-8]
0
0
BZ#1801669 CVE-2019-16708 ImageMagick: memory leak in magick/xwindow.c [epel-8]
0
0
BZ#1801671 CVE-2019-16710 ImageMagick: memory leak in coders/dot.c [epel-8]
0
0
BZ#1801678 CVE-2019-16711 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c [epel-8]
0
0
BZ#1801679 CVE-2019-16712 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c [epel-8]
0
0
BZ#1801683 CVE-2019-16713 ImageMagick: memory leak in coders/dot.c [epel-8]
0
0
BZ#1820589 CVE-2019-18853 ImageMagick: XML_PARSE_HUGE not properly restricted in coders/svg.c [epel-8]
0
0
BZ#1890690 CVE-2020-27560 ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c [epel-8]
0
0
BZ#1901225 CVE-2020-25664 ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901227 CVE-2020-25665 ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c [epel-8]
0
0
BZ#1901229 CVE-2020-25666 ImageMagick: outside the range of representable values of type int and signed integer overflow in MagickCore/histogram.c [epel-8]
0
0
BZ#1901231 CVE-2020-25667 ImageMagick: heap-based buffer overflow in TIFFGetProfiles in coders/tiff.c [epel-8]
0
0
BZ#1901233 CVE-2020-25674 ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c [epel-8]
0
0
BZ#1901236 CVE-2020-25675 ImageMagick: outside the range of representable values of type 'long' and integer overflow at MagickCore/transform.c and MagickCore/image.c [epel-8]
0
0
BZ#1901239 CVE-2020-25676 ImageMagick: outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c and MagickCore/cache.c [epel-8]
0
0
BZ#1901241 CVE-2020-27750 ImageMagick: division by zero in MagickCore/colorspace-private.h [epel-8]
0
0
BZ#1901243 CVE-2020-27751 ImageMagick: integer overflow in MagickCore/quantum-export.c [epel-8]
0
0
BZ#1901245 CVE-2020-25663 ImageMagick: use-after-free, heap-buffer-overflow triggered by GetPixelRed, GetPixelBlue in MagickCore/pixel-accessor.h [epel-8]
0
0
BZ#1901247 CVE-2020-27752 ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901249 CVE-2020-27753 ImageMagick: memory leaks in AcquireMagickMemory function [epel-8]
0
0
BZ#1901251 CVE-2020-27754 ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c [epel-8]
0
0
BZ#1901253 CVE-2020-27755 ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c [epel-8]
0
0
BZ#1901257 CVE-2020-27756 ImageMagick: division by zero at MagickCore/geometry.c [epel-8]
0
0
BZ#1901259 CVE-2020-27757 ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901261 CVE-2020-27758 ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c [epel-8]
0
0
BZ#1901263 CVE-2020-27759 ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c [epel-8]
0
0
BZ#1901265 CVE-2020-27760 ImageMagick: division by zero at MagickCore/enhance.c [epel-8]
0
0
BZ#1901267 CVE-2020-27761 ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c [epel-8]
0
0
BZ#1901269 CVE-2020-27762 ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c [epel-8]
0
0
BZ#1901271 CVE-2020-27763 ImageMagick: division by zero at MagickCore/resize.c [epel-8]
0
0
BZ#1901273 CVE-2020-27764 ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c [epel-8]
0
0
BZ#1901275 CVE-2020-27765 ImageMagick: division by zero at MagickCore/segment.c [epel-8]
0
0
BZ#1901277 CVE-2020-27766 ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c [epel-8]
0
0
BZ#1901279 CVE-2020-27767 ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h [epel-8]
0
0
BZ#1901281 CVE-2020-27768 ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h [epel-8]
0
0
BZ#1901283 CVE-2020-27769 ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c [epel-8]
0
0
BZ#1901285 CVE-2020-27770 ImageMagick: unsigned offset overflowed at MagickCore/string.c [epel-8]
0
0
BZ#1901287 CVE-2020-27771 ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c [epel-8]
0
0
BZ#1901289 CVE-2020-27772 ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c [epel-8]
0
0
BZ#1901291 CVE-2020-27773 ImageMagick: division by zero at MagickCore/gem-private.h [epel-8]
0
0
BZ#1901293 CVE-2020-27774 ImageMagick: integer overflow at MagickCore/statistic.c [epel-8]
0
0
BZ#1901295 CVE-2020-27775 ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h [epel-8]
0
0
BZ#1901297 CVE-2020-27776 ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c [epel-8]
0
0
BZ#1907457 CVE-2020-29599 ImageMagick: Shell injection via PDF password could result in arbitrary code execution [epel-8]
0
0
BZ#1922526 CVE-2020-27829 ImageMagick: heap buffer overflow in coders/tiff.c [epel-8]
0
0
BZ#1929886 CVE-2021-20246 ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c [epel-8]
0
0
BZ#1929889 CVE-2021-20245 ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c [epel-8]
0
0
BZ#1929894 CVE-2021-20241 ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c [epel-8]
0
0
BZ#1929932 CVE-2021-20244 ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c [epel-8]
0
0
BZ#1932009 CVE-2021-20243 ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c [epel-8]
0
0
BZ#1946723 CVE-2021-20309 ImageMagick: ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c [epel-8]
0
0
BZ#1946729 CVE-2021-20310 ImageMagick: Division by zero in ConvertXYZToJzazbz() of MagickCore/colorspace.c [epel-8]
0
0
BZ#1946740 CVE-2021-20311 ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c [epel-8]
0
0
BZ#1946743 CVE-2021-20312 ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c [epel-8]
0
0
BZ#1947020 CVE-2021-20313 ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c [epel-8]
0
0
BZ#1950841 ImageMagick: division by zero vulnerability in ConvertRGBToHSV() in MagickCore/gem.c [epel-8]
0
0
BZ#1950845 ImageMagick: division by zero vulnerability in ConvertRGBToHSL() in MagickCore/gem.c [epel-8]
0
0
BZ#1950848 ImageMagick: division by zero vulnerability in DrawGradientImage() in MagickCore/draw.c [epel-8]
0
0
BZ#1950851 ImageMagick: division by zero vulnerability in XTextViewWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950854 ImageMagick: division by zero vulnerability in XListBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950858 ImageMagick: division by zero vulnerability in XFontBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950862 ImageMagick: division by zero vulnerability in XFileBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950865 ImageMagick: division by zero vulnerability in XColorBrowserWidget() in MagickCore/widget.c [epel-8]
0
0
BZ#1950868 ImageMagick: division by zero vulnerability in ApplyFunction() in MagickCore/statistic.c [epel-8]
0
0
BZ#1950871 ImageMagick: division by zero vulnerability in DistortImage() in MagickCore/distort.c [epel-8]
0
0
BZ#1950874 ImageMagick: division by zero vulnerability in ConvertLuvToXYZ() in MagickCore/gem-private.h [epel-8]
0
0
BZ#1950877 ImageMagick: division by zero vulnerability in TraceStrokePolygon() in MagickCore/draw.c [epel-8]
0
0
BZ#1970571 CVE-2021-3596 ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c [epel-8]
0
0
BZ#1973691 CVE-2021-3610 ImageMagick: heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c [epel-8]
0
0
BZ#1976976 CVE-2021-34183 ImageMagick: memory leak in AcquireSemaphoreMemory() in semaphore.c and AcquireMagickMemory() in memory.c [epel-8]
0
0
BZ#2009393 CVE-2021-39212 ImageMagick: possible read or write in postscript files [epel-8]
0
0
BZ#2023411 CVE-2021-3962 ImageMagick: heap-use-after-free in at dcm.c RelinquishDCMMemory [epel-8]
0
0
BZ#2054612 CVE-2021-4219 ImageMagick: remote DoS in MagicCore/draw.c via crafted SVG file [epel-8]
This update's test gating status has been changed to 'waiting'.
This update has been submitted for testing by bodhi.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
subscribe
sergiomb edited this update.
sergiomb edited this update.
This update can be pushed to stable now if the maintainer wishes
sergiomb edited this update.
New build(s):
Removed build(s):
Karma has been reset.
This update has been submitted for testing by sergiomb.
This update has been pushed to testing.
sergiomb edited this update.
New build(s):
Removed build(s):
Karma has been reset.
This update has been submitted for testing by sergiomb.
ImageMagick-6.9.12.48-2.el8
This update has been pushed to testing.
ImageMagick soname bump was approved [0] in EPEL Steering Committee meeting. and I'm continuing with the process for incompatible upgrades from step 4 forward [1]. and 81 security bugs will be fixed
[0] https://meetbot.fedoraproject.org/teams/epel/epel.2022-04-13-20.00.html [1] https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades/#process_for_incompatible_upgrades
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by sergiomb.
This update has been pushed to stable.