UbuntuUpdates.org

Package "libmagickcore-6.q16-6-extra"

Name: libmagickcore-6.q16-6-extra

Description:

low-level image manipulation library - extra codecs (Q16)
Latest version: 8:6.9.11.60+dfsg-1.6ubuntu0.23.04.1
Release: lunar (23.04)
Level: updates
Repository: universe
Head package: imagemagick
Homepage: https://www.imagemagick.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libmagickcore-6.q16-6-extra"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libmagickcore-6.q16-6-extra" in Lunar

Repository Area Version
base universe 8:6.9.11.60+dfsg-1.6
security universe 8:6.9.11.60+dfsg-1.6ubuntu0.23.04.1

Changelog

Version: 8:6.9.11.60+dfsg-1.6ubuntu0.23.04.1 2023-07-04 12:06:57 UTC

  imagemagick (8:6.9.11.60+dfsg-1.6ubuntu0.23.04.1) lunar-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow issue
    - debian/patches/CVE-2021-3610.patch: eliminate heap buffer overflow
      vulnerability
    - debian/patches/CVE-2023-3428.patch: fix heap buffer overflow
    - CVE-2021-3610
    - CVE-2023-3428
  * SECURITY UPDATE: DoS while processing crafted SVG files
    - debian/patches/CVE-2023-1289*.patch: erecursion detection
    - CVE-2023-1289
  * SECURITY UPDATE: out-of-bound read issue
    - debian/patches/CVE-2023-1906.patch: fix possible heap buffer overflow
    - CVE-2023-1906
  * SECURITY UPDATE: stack-based buffer overflow issue
    - debian/patches/CVE-2023-3195.patch: fix stack overflow when parsing
      malicious tiff image
    - CVE-2023-3195
  * SECURITY UPDATE: integer overflow vulnerability
    - debian/patches/CVE-2023-34151*.patch: properly cast double to size_t
    - CVE-2023-34151

 -- Nishit Majithia <email address hidden> Mon, 03 Jul 2023 14:52:44 +0530
CVE-2021-3610 A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is
CVE-2023-3428 heap-buffer-overflow in coders/tiff.c
CVE-2023-1289 A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a rem
CVE-2023-1906 A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker
CVE-2023-3195 A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially
CVE-2023-34151 A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other code


About   -   Send Feedback to @ubuntu_updates