ALT-PU-2019-2660-1
Package ImageMagick updated to version 6.9.10.63-alt1 for branch sisyphus in task 237261.
Closed vulnerabilities
BDU:2020-01864
Уязвимость функции ReadCUTImage консольного графического редактора ImageMagick, связанная с использованием неинициализированного ресурса, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2016-6823
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
- [oss-security] 20160926 CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability
- [oss-security] 20160926 CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability
- 93158
- 93158
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504
- https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323
- https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323
Modified: 2024-11-21
CVE-2019-13135
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
- openSUSE-SU-2019:1983
- openSUSE-SU-2019:1983
- https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d
- https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d
- https://github.com/ImageMagick/ImageMagick/issues/1599
- https://github.com/ImageMagick/ImageMagick/issues/1599
- https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d
- https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d
- [debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update
- [debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update
- [debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update
- [debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update
- https://support.f5.com/csp/article/K20336394
- https://support.f5.com/csp/article/K20336394
- https://support.f5.com/csp/article/K20336394?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K20336394?utm_source=f5support&%3Butm_medium=RSS
- USN-4192-1
- USN-4192-1
- DSA-4712
- DSA-4712
Modified: 2024-11-21
CVE-2019-13137
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
- openSUSE-SU-2019:1983
- openSUSE-SU-2019:1983
- https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34
- https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34
- https://github.com/ImageMagick/ImageMagick/issues/1601
- https://github.com/ImageMagick/ImageMagick/issues/1601
- https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b
- https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b
- USN-4192-1
- USN-4192-1
- DSA-4712
- DSA-4712
Modified: 2024-11-21
CVE-2019-17541
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827
- https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493
- https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493
- https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55
- https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55
- https://github.com/ImageMagick/ImageMagick/issues/1641
- https://github.com/ImageMagick/ImageMagick/issues/1641