UbuntuUpdates.org

Package "graphicsmagick"

Name: graphicsmagick

Description:

collection of image processing tools

Latest version: 1.3.23-1ubuntu0.2
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: http://www.graphicsmagick.org/

Links

Save this URL for the latest version of "graphicsmagick": https://www.ubuntuupdates.org/graphicsmagick


Download "graphicsmagick"


Other versions of "graphicsmagick" in Xenial

Repository Area Version
base universe 1.3.23-1build1
security universe 1.3.23-1ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.3.23-1ubuntu0.2 2019-12-02 21:07:06 UTC

  graphicsmagick (1.3.23-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Allocation failure vulnerability
    - debian/patches/CVE-2017-13147.patch: deal with too-large MNG chunks in
      coders/png.c
    - CVE-2017-13147
  * SECURITY UPDATE: Allocation failure vulnerability
    - debian/patches/CVE-2017-14042.patch: PNM for binary formats, verify
      sufficient backing file data before memory request.
    - CVE-2017-14042
  * SECURITY UPDATE: DoS (out-of-bounds read and crash) via a small samples
    per pixel value in a CMYKA TIFF file.
    - debian/patches/CVE-2017-6335.patch: Fix out of bounds access when reading
      CMYKA tiff which claims wrong samples/pixel.
    - CVE-2017-6335
  * SECURITY UPDATE: Buffer overflow while processing an RGB TIFF picture with
    metadata.
    - debian/patches/CVE-2017-10794.patch: Use a generalized method to enforce
      that buffer overflow can not happen while importing pixels.
    - CVE-2017-10794
  * SECURITY UPDATE: DoS (out-of-memory) when processing a DPX image with
    metadata.
    - debian/patches/CVE-2017-10799.patch: Estimate minimum required file sized
      based on header, and reject files with insufficient data.
    - CVE-2017-10799
  * SECURITY UPDATE: DoS (crash) while reading a JNG file via a zero-length
    color_image data structure.
    - debian/patches/CVE-2017-11102.patch: Stop crash due to zero-length color_image
      while reading a JNG.
    - CVE-2017-11102
  * SECURITY UPDATE: DoS (resource consumption) via a crafted JPEG file.
    - debian/patches/CVE-2017-11140.patch: Defer creating pixel cache until first
      scanline.
    - CVE-2017-11140
  * SECURITY UPDATE: Use-after-free via a crafted MNG file.
    - debian/patches/CVE-2017-11403-1.patch: Fix out-of-order CloseBlob() and
      DestroyImageList() that caused a use-after-free crash.
    - debian/patches/CVE-2017-11403-2.patch: Improve fix of use-after-free.
    - CVE-2017-11403
  * SECURITY UPDATE: Heap overflow when processing multiple frames that have
    non-identical widths.
    - debian/patches/CVE-2017-11636.patch: Fixed heap overflow with multiple
      frames with varying widths.
    - CVE-2017-11636
  * SECURITY UPDATE: NULL pointer deference in the WritePCLImage() function.
    - debian/patches/CVE-2017-11637.patch: Fix null pointer dereference in
      writing monochrome images.
    - CVE-2017-11637

 -- Eduardo Barretto <email address hidden> Thu, 28 Nov 2019 11:36:23 -0300

Source diff to previous version
CVE-2017-13147 In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND
CVE-2017-14042 A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memo
CVE-2017-6335 The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-b
CVE-2017-10794 When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occ
CVE-2017-10799 When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in Rea
CVE-2017-11102 The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during
CVE-2017-11140 The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remot
CVE-2017-11403 The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted fi
CVE-2017-11636 GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical wid
CVE-2017-11637 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.

Version: 1.3.23-1ubuntu0.1 2018-11-05 14:07:08 UTC

  graphicsmagick (1.3.23-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS (crash) via a crafted SVG file.
    - debian/patches/CVE-2016-2317_part1.patch: Fix heap buffer overflow
    - debian/patches/CVE-2016-2317_part2.patch: Fix stack buffer overflow
    - debian/patches/CVE-2016-2317_part3.patch: Fix segmentation violation
    - CVE-2016-2317
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted SVG
    file.
    - debian/patches/CVE-2016-2318.patch: Make SVG path and other
      primitive parsing more robust
    - CVE-2016-2318
  * SECURITY UPDATE: Arbitrary code execution via shell metacharacters in
    a crafted image file.
    - debian/patches/CVE-2016-3714.patch: Remove delegates support for
      reading gnuplot files.
    - CVE-2016-3714
  * SECURITY UPDATE: Remote attackers are able to delete arbitrary files
    via a crafted image.
    - debian/patches/CVE-2016-3715.patch: remove undocumented "TMP" magic
      prefix.
    - CVE-2016-3715
  * SECURITY UPDATE: Remote attackers can move arbitrary files via a
    crafted image.
    - debian/patches/CVE-2016-3716_part1.patch: Ignore the file extension
      on MSL files.
    - debian/patches/CVE-2016-3716_part2.patch: Do not auto-detect MVG
      format based on file extension.
    - CVE-2016-3716
  * SECURITY UPDATE: Remote attackers can read arbitrary files via a
    crafted image.
    - debian/patches/CVE-2016-3717.patch: fix in delegates.mgk.in
    - CVE-2016-3717
  * SECURITY UPDATE: Remote attackers can conduct server-side request
    forgery (SSRF) attacks via a crafted image.
    - debian/patches/CVE-2016-3718.patch: fix in render.c
    - CVE-2016-3718
  * SECURITY UPDATE: Remote attackers can execute arbitrary files via a
    pipe character at the start of a filename.
    - debian/patches/CVE-2016-5118.patch: remove support for reading
      input from a shell command or writing output to a shell command
    - CVE-2016-5118
  * SECURITY UPDATE: Remote attackers can execute arbitrary commands via
    unspecified vectors.
    - debian/patches/CVE-2016-5239.patch: remove delegates support for
      Gnuplot and varios other file types.
    - CVE-2016-5239
  * SECURITY UPDATE: Remote attackers to cause a DoS (infinite loop) by
    converting a circularly defined SVG file.
    - debian/patches/CVE-2016-5240.patch: endless loop problem caused by
      negative stroke-dasharray arguments
    - CVE-2016-5240
  * SECURITY UPDATE: Remote attackers to cause DoS (arithmetic exception
    and application crash) via a crafted svg file.
    - debian/patches/CVE-2016-5241.patch: Fix divide-by-zero problem if
      fill or stroke pattern image has zero columns or rows
    - CVE-2016-5241
  * SECURITY UPDATE: Buffer overflow in MVG and SVG rendering code.
    - debian/patches/CVE-2016-7446.patch: fix in svg.c
    - CVE-2016-7446
  * SECURITY UPDATE: Heap buffer overflow in the EscapeParenthesis.
    - debian/patches/CVE-2016-7447.patch: re-wrote the implementation of
      EscapeParenthesis() in annotate.c
    - CVE-2016-7447
  * SECURITY UPDATE: DoS (CPU consumption or large memory allocations)
    via vectors involving the header information and the file size.
    - debian/patches/CVE-2016-7448_part1.patch: fix in rle.c
    - debian/patches/CVE-2016-7448_part2.patch: fix in rle.c
    - CVE-2016-7448
  * SECURITY UPDATE: DoS (out-of-bounds heap read) via a file containing
    an "unterminated" string.
    - debian/patches/CVE-2016-7449.patch: fix a heap buffer read overrun
      if buffer not null terminated
    - CVE-2016-7449
  * SECURITY UPDATE: Integer underflow in the parse8BIM function.
    - debian/patches/CVE-2016-7800.patch: fix unsigned underflow.
    - CVE-2016-7800
  * SECURITY UPDATE: Heap buffer overflow and DoS in the WPG format
    reader.
    - debian/patches/CVE-2016-7996_CVE-2016-7997.patch: fix in wpg.c
    - CVE-2016-7996
    - CVE-2016-7997
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted SCT header.
    - debian/patches/CVE-2016-8682.patch: Fix stack-buffer read overflow
      while reading SCT file header.
    - CVE-2016-8682
  * SECURITY UPDATE: Memory allocation failure and a "file truncation
    error for corrupt file" via a crafted PCX image.
    - debian/patches/CVE-2016-8683.patch: check that filesize is
      reasonable given header.
    - CVE-2016-8683
  * SECURITY UPDATE: Memory allocation failure and a "file truncation
    error for corrupt file" via a crafted SGI image.
    - debian/patches/CVE-2016-8684.patch: Check that filesize is
      reasonable given header.
    - CVE-2016-8684
  * SECURITY UPDATE: DoS (crash) via a large dimensions in a jpeg image.
    - debian/patches/CVE-2016-9830.patch: enforce spec requirement that
      the dimensions of the JPEG embedded in a JDAT chunk must match the
      JHDR dimensions.
    - CVE-2016-9830

 -- Eduardo Barretto <email address hidden> Thu, 01 Nov 2018 15:03:05 -0300

CVE-2016-2317 Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the
CVE-2016-2318 GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) Draw
CVE-2016-3714 The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1
CVE-2016-3715 The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
CVE-2016-3716 The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
CVE-2016-3717 The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
CVE-2016-3718 The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (
CVE-2016-5118 popen() shell vulnerability via filename
CVE-2016-5239 The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspeci
CVE-2016-5240 The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a
CVE-2016-5241 magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via
CVE-2016-7446 Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. No
CVE-2016-7447 Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via u
CVE-2016-7448 The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations
CVE-2016-7449 The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) vi
CVE-2016-7800 Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of servic
CVE-2016-7996 Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a col
CVE-2016-7997 The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vec
CVE-2016-8682 The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a cr
CVE-2016-8683 The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which trig
CVE-2016-8684 The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which t
CVE-2016-9830 The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in



About   -   Send Feedback to @ubuntu_updates