UbuntuUpdates.org

Package "libmagickwand-dev"

Name: libmagickwand-dev

Description:

image manipulation library - development files

Latest version: 8:6.7.7.10-6ubuntu3.13
Release: trusty (14.04)
Level: security
Repository: main
Head package: imagemagick
Homepage: http://www.imagemagick.org/

Links


Download "libmagickwand-dev"


Other versions of "libmagickwand-dev" in Trusty

Repository Area Version
base main 8:6.7.7.10-6ubuntu3
updates main 8:6.7.7.10-6ubuntu3.13

Changelog

Version: 8:6.7.7.10-6ubuntu3.13 2018-10-04 23:06:48 UTC

  imagemagick (8:6.7.7.10-6ubuntu3.13) trusty-security; urgency=medium

  [ Steve Beattie ]
  * SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml
  * SECURITY UPDATE: information leak in ReadXBMImage
    - debian/patches/CVE-2018-16323.patch: don't leave data
      uninitialized with negative pixels
    - CVE-2018-16323
  * SECURITY UPDATE: memory leak of colormap in WriteMPCImage
    - debian/patches/CVE-2018-14434.patch: free colormap on bad
      color depth
    - CVE-2018-14434
  * SECURITY UPDATE: memory leak in DecodeImage
    - debian/patches/CVE-2018-14435.patch: free memory when given a
      bad plane
    - CVE-2018-14435
  * SECURITY UPDATE: memory leak in ReadMIFFImage
    - debian/patches/CVE-2018-14436.patch: free memory when given a bad
      depth
    - CVE-2018-14436
  * SECURITY UPDATE: memory leak in parse8BIM
    - debian/patches/CVE-2018-14437-prereq.patch: check for negative
      values
    - debian/patches/CVE-2018-14437.patch: free strings in error
      conditions
    - CVE-2018-14437
  * SECURITY UPDATE: memory leak in ReadOneJNGImage
    - debian/patches/CVE-2018-16640-prereq-1.patch: define DestroyJNG()
    - debian/patches/CVE-2018-16640-prereq-2.patch: fix DestroyJNG()
    - debian/patches/CVE-2018-16640.patch: free memory on error
    - CVE-2018-16640
  * SECURITY UPDATE: denial of service due to out-of-bounds write
    in InsertRow
    - debian/patches/CVE-2018-16642.patch: improve checking for errors
    - CVE-2018-16642
  * SECURITY UPDATE: denial of service due to missing fputc checks
    - debian/patches/CVE-2018-16643.patch: check fputc calls for error
    - CVE-2018-16643
  * SECURITY UPDATE: denial of service in ReadDCMImage and
    ReadPICTImage
    - debian/patches/CVE-2018-16644-prereq-1.patch: make
      ReadRectangle() a boolean returning function and use it.
    - debian/patches/CVE-2018-16644-prereq-2.patch: check for EOF
      when reading from file
    - debian/patches/CVE-2018-16644-prereq-3.patch: define
      ThrowPICTException() macro and use it
    - debian/patches/CVE-2018-16644-1.patch,
      debian/patches/CVE-2018-16644-2.patch: check for invalid length
    - CVE-2018-16644
  * SECURITY UPDATE: excessive memory allocation issue in ReadBMPImage
    - debian/patches/CVE-2018-16645.patch: ensure number_colors is
      not too large
    - CVE-2018-16645
  * SECURITY UPDATE: denial of service in ReadOneJNGImage
    - debian/patches/CVE-2018-16749.patch; check for NULL color_image
    - CVE-2018-16749
  * SECURITY UPDATE: memory leak in formatIPTCfromBuffer
    - debian/patches/CVE-2018-16750.patch: free memory on error
    - CVE-2018-16750

  [ Marc Deslauriers ]
  * SECURITY REGRESSION: segfault in png to gif conversion (LP: #1793485)
    - debian/patches/0297-CVE-2017-13144.patch: removed pending further
      investigation.
    - debian/patches/CVE-2017-12430.patch: refreshed.

 -- Steve Beattie <email address hidden> Fri, 28 Sep 2018 11:21:01 -0700

Source diff to previous version
1793485 segfault in png to gif conversion
CVE-2018-16323 ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If
CVE-2018-14434 ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
CVE-2018-14435 ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
CVE-2018-14436 ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
CVE-2018-14437 ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
CVE-2018-16640 ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
CVE-2018-16642 The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to a
CVE-2018-16643 The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in Image
CVE-2018-16644 There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which a
CVE-2018-16645 There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11,
CVE-2018-16749 In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBl
CVE-2018-16750 In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
CVE-2017-13144 In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large,
CVE-2017-12430 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a d

Version: 8:6.7.7.10-6ubuntu3.12 2018-07-11 14:07:04 UTC

  imagemagick (8:6.7.7.10-6ubuntu3.12) trusty-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in ReadBMPImage and WriteBMPImage
    - debian/patches/CVE-2018-12599.patch: use proper lengths in
      coders/bmp.c.
    - CVE-2018-12599
  * SECURITY UPDATE: out-of-bounds write in ReadDIBImage and WriteDIBImage
    - debian/patches/CVE-2018-12600.patch: use proper lengths in
      coders/dib.c.
    - CVE-2018-12600
  * SECURITY UPDATE: memory leak in XMagickCommand
    - debian/patches/CVE-2018-13153.patch: free memory in magick/animate.c.
    - CVE-2018-13153

 -- Marc Deslauriers <email address hidden> Tue, 10 Jul 2018 10:15:44 -0400

Source diff to previous version
CVE-2018-12599 In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
CVE-2018-12600 In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
CVE-2018-13153 In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.

Version: 8:6.7.7.10-6ubuntu3.11 2018-06-12 13:06:32 UTC

  imagemagick (8:6.7.7.10-6ubuntu3.11) trusty-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.7.7.10-5+deb7u22 release. Thanks to Markus Koschany,
      Chris Lamb, and Roberto C. Sánchez for the excellent work this
      update is based on!
    - debian/patches/CVE-201[78]*.patch: backport large number of upstream
      security patches.
    - CVE-2017-10995, CVE-2017-11533, CVE-2017-11535, CVE-2017-11537,
      CVE-2017-11639, CVE-2017-11640, CVE-2017-12140, CVE-2017-12429,
      CVE-2017-12430, CVE-2017-12431, CVE-2017-12432, CVE-2017-12435,
      CVE-2017-12563, CVE-2017-12587, CVE-2017-12640, CVE-2017-12643,
      CVE-2017-12670, CVE-2017-12674, CVE-2017-12691, CVE-2017-12692,
      CVE-2017-12693, CVE-2017-12875, CVE-2017-12877, CVE-2017-12983,
      CVE-2017-13134, CVE-2017-13139, CVE-2017-13142, CVE-2017-13143,
      CVE-2017-13144, CVE-2017-13758, CVE-2017-13768, CVE-2017-13769,
      CVE-2017-14060, CVE-2017-14172, CVE-2017-14173, CVE-2017-14174,
      CVE-2017-14175, CVE-2017-14224, CVE-2017-14249, CVE-2017-14325,
      CVE-2017-14341, CVE-2017-14342, CVE-2017-14343, CVE-2017-14400,
      CVE-2017-14505, CVE-2017-14531, CVE-2017-14607, CVE-2017-14682,
      CVE-2017-14739, CVE-2017-14741, CVE-2017-14989, CVE-2017-15016,
      CVE-2017-15017, CVE-2017-15277, CVE-2017-15281, CVE-2017-16546,
      CVE-2017-17504, CVE-2017-17682, CVE-2017-17879, CVE-2017-17914,
      CVE-2017-18252, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000445,
      CVE-2017-1000476, CVE-2018-7443, CVE-2018-8804, CVE-2018-8960,
      CVE-2018-10177, CVE-2018-11251

 -- Marc Deslauriers <email address hidden> Fri, 08 Jun 2018 12:00:47 -0400

Source diff to previous version
CVE-2017-10995 The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read an
CVE-2017-11533 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/
CVE-2017-11535 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/p
CVE-2017-11537 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in cod
CVE-2017-11639 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/
CVE-2017-11640 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/t
CVE-2017-12140 The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafte
CVE-2017-12429 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a
CVE-2017-12430 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a d
CVE-2017-12431 In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a deni
CVE-2017-12432 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a d
CVE-2017-12435 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a d
CVE-2017-12563 In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a d
CVE-2017-12587 ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
CVE-2017-12640 ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2017-12643 ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
CVE-2017-12670 In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/imag
CVE-2017-12674 In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a deni
CVE-2017-12691 The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a craf
CVE-2017-12692 The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a cr
CVE-2017-12693 The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a craf
CVE-2017-12875 The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
CVE-2017-12877 Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of servi
CVE-2017-12983 Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (
CVE-2017-13134 In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attac
CVE-2017-13139 In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-13142 In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short file
CVE-2017-13143 In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote att
CVE-2017-13144 In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large,
CVE-2017-13758 In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
CVE-2017-13768 Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial
CVE-2017-13769 The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-r
CVE-2017-14060 In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cau
CVE-2017-14172 In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a
CVE-2017-14173 In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(d
CVE-2017-14174 In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumpti
CVE-2017-14175 In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When
CVE-2017-14224 A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code
CVE-2017-14249 ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cac
CVE-2017-14325 In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to caus
CVE-2017-14341 ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
CVE-2017-14342 ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
CVE-2017-14343 ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
CVE-2017-14400 In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause
CVE-2017-14505 DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Serv
CVE-2017-14531 ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
CVE-2017-14607 In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploi
CVE-2017-14682 GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and applicat
CVE-2017-14739 The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows rem
CVE-2017-14741 The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a c
CVE-2017-14989 A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font f
CVE-2017-15016 ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
CVE-2017-15017 ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2017-15277 ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has ne
CVE-2017-15281 ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspeci
CVE-2017-16546 The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote
CVE-2017-17504 ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage
CVE-2017-17682 In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause
CVE-2017-17879 In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculati
CVE-2017-17914 In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of s
CVE-2017-18252 An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (as
CVE-2017-18271 In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows
CVE-2017-18273 In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows at
CVE-2017-1000445 ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
CVE-2017-1000476 ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a den
CVE-2018-7443 The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows r
CVE-2018-8804 WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and a
CVE-2018-8960 The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer
CVE-2018-10177 In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vul
CVE-2018-11251 In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to caus

Version: 8:6.7.7.10-6ubuntu3.9 2017-07-31 18:06:46 UTC

  imagemagick (8:6.7.7.10-6ubuntu3.9) trusty-security; urgency=medium

  * SECURITY REGRESSION: image composite function regression (LP: #1707015)
    - disabled the following patches which cause issue:
      0224-Ensure-token-does-not-overflow.patch,
      0225-Fix-off-by-one-error-when-checking-token-length.patch,
      0226-Use-proper-cast.patch.

 -- Marc Deslauriers <email address hidden> Mon, 31 Jul 2017 07:24:18 -0400

Source diff to previous version
1707015 image composite functions not working in php

Version: 8:6.7.7.10-6ubuntu3.8 2017-07-24 18:06:44 UTC

  imagemagick (8:6.7.7.10-6ubuntu3.8) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u10 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-9261, CVE-2017-9262, CVE-2017-9405, CVE-2017-9407,
      CVE-2017-9409, CVE-2017-9439, CVE-2017-9501, CVE-2017-10928,
      CVE-2017-11141, CVE-2017-11170, CVE-2017-11188, CVE-2017-11352,
      CVE-2017-11360, CVE-2017-11448, CVE-2017-11449, CVE-2017-11450,
      CVE-2017-11478

 -- Marc Deslauriers <email address hidden> Fri, 21 Jul 2017 09:58:43 -0400

CVE-2017-9261 In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9262 In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9405 In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9407 In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9409 In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9439 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via
CVE-2017-9501 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via
CVE-2017-1092 IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM
CVE-2017-1114 RESERVED
CVE-2017-1117 IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a denial of service to the MQXR channel when trace is enabled. IBM X-Force ID
CVE-2017-1118 RESERVED
CVE-2017-1135 RESERVED
CVE-2017-1136 RESERVED
CVE-2017-1144 IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033.
CVE-2017-1145 IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of ser
CVE-2017-1147 RESERVED



About   -   Send Feedback to @ubuntu_updates