Package "graphicsmagick"
Name: |
graphicsmagick
|
Description: |
collection of image processing tools
|
Latest version: |
1.3.28-2ubuntu0.2 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Homepage: |
http://www.graphicsmagick.org/ |
Links
Download "graphicsmagick"
Other versions of "graphicsmagick" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
graphicsmagick (1.3.28-2ubuntu0.2) bionic-security; urgency=medium
* No-change rebuild for jbigkit security update.
-- Camila Camargo de Matos <email address hidden> Fri, 17 Mar 2023 08:39:01 -0300
|
Source diff to previous version |
graphicsmagick (1.3.28-2ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer overflow in the WriteTGAImage function.
- debian/patches/CVE-2018-20184.patch: reject image rows/columns larger than
65535.
- CVE-2018-20184
* SECURITY UPDATE: Heap based buffer over-read in the ReadBMPImage function.
- debian/patches/CVE-2018-20185-1.patch: Only compute unsigned_maxvalue if
sample_bits <= 32.
- debian/patches/CVE-2018-20185-2.patch: Fix heap overflow in 32-bit due
to arithmetic overflow.
- debian/patches/CVE-2018-20185-3.patch: Improve buffer size calculations
to guard against arithmetic overflow.
- CVE-2018-20185
* SECURITY UPDATE: DoS (crash) in ReadDIBImage.
- debian/patches/CVE-2018-20189.patch: DIB images claiming more than 8-bits
per pixel are not colormapped.
- CVE-2018-20189
* SECURITY UPDATE: Stack-based buffer overflow in the function
SVGStartElement.
- debian/patches/CVE-2019-11005.patch: Fix stack buffer overflow while
parsing quoted font family value.
- CVE-2019-11005
* SECURITY UPDATE: Heap-based buffer over-read in the function ReadMIFFImage.
- debian/patches/CVE-2019-11006.patch: Detect end of file while reading
RLE packets.
- CVE-2019-11006
* SECURITY UPDATE: Heap-based buffer over-read in the function ReadMNGImage.
- debian/patches/CVE-2019-11007-1.patch: New function to reallocate an
image colormap.
- debian/patches/CVE-2019-11007-2.patch: Fix small buffer overflow (one
PixelPacket) of image colormap.
- CVE-2019-11007
* SECURITY UPDATE: Heap-based buffer overflow in the function WriteXWDImage.
- debian/patches/CVE-2019-11008.patch: Perform more header validations, a
file size validation, and fix arithmetic overflows leading to heap
overwrite.
- CVE-2019-11008
* SECURITY UPDATE: Heap-based buffer over-read in the function ReadXWDImage.
- debian/patches/CVE-2019-11009.patch: Fix heap buffer overflow while
reading DirectClass XWD file.
- CVE-2019-11009
* SECURITY UPDATE: Memory leak in the function ReadMPCImage.
- debian/patches/CVE-2019-11010.patch: Deal with a profile length of zero,
or an irrationally large profile length.
- CVE-2019-11010
* SECURITY UPDATE: DoS (out-of-bounds read, floating-point exception and
crash) by crafting an XWD image file.
- debian/patches/CVE-2019-11473_11474-1.patch: Add more validation logic to
avoid crashes due to FPE and invalid reads.
- debian/patches/CVE-2019-11473_11474-2.patch: Address header-directed
arbitrary memory allocation.
- debian/patches/CVE-2019-11473_11474-3.patch: Address segmentation
violation and invalid memory read with more validations.
- CVE-2019-11473
- CVE-2019-11474
* SECURITY UPDATE: Heap-based buffer overflow in the function WritePDBImage.
- debian/patches/CVE-2019-11505.patch: Use correct bits/sample rather than
image->depth. Avoids potential buffer overflow.
- CVE-2019-11505
* SECURITY UPDATE: Heap-based buffer overflow in the function
WriteMATLABImage.
- debian/patches/CVE-2019-11506.patch: Add completely missing error
handling.
- CVE-2019-11506
-- Eduardo Barretto <email address hidden> Thu, 28 Nov 2019 11:12:37 -0300
|
CVE-2018-20184 |
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to c |
CVE-2018-20185 |
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which a |
CVE-2018-20189 |
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is |
CVE-2019-11005 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remo |
CVE-2019-11006 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attac |
CVE-2019-11007 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attacke |
CVE-2019-11008 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote |
CVE-2019-11009 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attacke |
CVE-2019-11010 |
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a de |
CVE-2019-11473 |
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD ima |
CVE-2019-11474 |
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an X |
CVE-2019-11505 |
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c |
CVE-2019-11506 |
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/m |
|
About
-
Send Feedback to @ubuntu_updates