Package "graphicsmagick"
| Name: |
graphicsmagick
|
Description: |
collection of image processing tools
|
| Latest version: |
1.3.23-1ubuntu0.6 |
| Release: |
xenial (16.04) |
| Level: |
updates |
| Repository: |
universe |
| Homepage: |
http://www.graphicsmagick.org/ |
Links
Download "graphicsmagick"
Other versions of "graphicsmagick" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
|
graphicsmagick (1.3.23-1ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer over-read in ReadNewsProfile()
- debian/patches/CVE-2017-17912.patch: ReadNewsProfile() was allowing
reading heap data beyond the allocated size.
- CVE-2017-17912
* SECURITY UPDATE: Stack-based buffer over-read in WriteWEBPImage()
- debian/patches/CVE-2017-17913-1.patch: Add some assertions to verify that
the image pointer provided by libwebp is valid.
- debian/patches/CVE-2017-17913-2.patch: Fix stack overflow with libwebp
0.5.0+ by disabling progress indication.
- CVE-2017-17913
* SECURITY UPDATE: Heap-based buffer over-read in ReadMNGImage()
- debian/patches/CVE-2017-17915.patch: Check range limit before accessing
byte to avoid minor heap read overflow.
- CVE-2017-17915
* SECURITY UPDATE: Allocation failure in ReadOnePNGImage()
- debian/patches/CVE-2017-18219.patch: check MemoryResource before
attempting to allocate ping_pixels array.
- CVE-2017-18219
* SECURITY UPDATE: Allocation failure in ReadTIFFImage()
- debian/patches/CVE-2017-18229.patch: Rationalize scanline, strip, and
tile memory allocation requests based on file size.
- CVE-2017-18229
* SECURITY UPDATE: Null pointer dereference in ReadCINEONImage()
- debian/patches/CVE-2017-18230.patch: Validate scandata allocation.
- CVE-2017-18230
* SECURITY UPDATE: Null pointer dereference in ReadEnhMetaFile()
- debian/patches/CVE-2017-18231.patch: Verify pBits memory allocation.
- CVE-2017-18231
-- Eduardo Barretto <email address hidden> Mon, 03 Feb 2020 16:47:01 -0300
|
| Source diff to previous version |
| CVE-2017-17912 |
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads |
| CVE-2017-17913 |
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility |
| CVE-2017-17915 |
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte bef |
| CVE-2017-18219 |
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, whic |
| CVE-2017-18229 |
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which |
| CVE-2017-18230 |
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon |
| CVE-2017-18231 |
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, |
|
|
graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium
* SECURITY UPDATE: DoS in ReadWPGImage()
- debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a
PseudoClass type with valid colormapped indexes.
- CVE-2017-16545
* SECURITY UPDATE: DoS (negative strncpy) in DrawImage()
- debian/patches/CVE-2017-16547.patch: Fix pointer computation which leads
to large strncpy size request and bad array index.
- CVE-2017-16547
* SECURITY UPDATE: Heap-based buffer overflow in coders/wpg.c
- debian/patches/CVE-2017-16669-1.patch: Do not call SyncImagePixels() when
something fails.
- debian/patches/CVE-2017-16669-2.patch: Wrong row count checking.
- debian/patches/CVE-2017-16669-3.patch: Detect pending use of null indexes
pointer due to programming error and report it.
- debian/patches/CVE-2017-16669-4.patch: Fix crash which image fails to
produce expected PseudoClass indexes.
- debian/patches/CVE-2017-16669-5.patch: Check for InsertRow() return value.
- debian/patches/CVE-2017-16669-6.patch: Check InsertRow() return value for
all calls.
- CVE-2017-16669
* SECURITY UPDATE: Heap-based buffer overflow in WritePNMImage()
- debian/patches/CVE-2017-17498.patch: Fix buffer overflow when writing
gray+alpha 1-bit/sample.
- CVE-2017-17498
* SECURITY UPDATE: Heap-based buffer over-read in ReadRGBImage()
- debian/patches/CVE-2017-17500.patch: Fix heap-overflow due to tile
outside image bounds.
- CVE-2017-17500
* SECURITY UPDATE: Heap-based buffer over-read in WriteOnePNGImage()
- debian/patches/CVE-2017-17501.patch: Fix heap read overrun while
testing pixels for opacity.
- CVE-2017-17501
* SECURITY UPDATE: Heap-based buffer over-read in ReadCMYKImage()
- debian/patches/CVE-2017-17502.patch: Fix heap-overflow due to tile
outside image bounds.
- CVE-2017-17502
* SECURITY UPDATE: Heap-based buffer over-read in ReadGRAYImage()
- debian/patches/CVE-2017-17503.patch: Fix heap-overflow due to tile
outside image bounds.
- CVE-2017-17503
* SECURITY UPDATE: Heap-based buffer over-read in ReadOneJNGImage()
- debian/patches/CVE-2017-17782.patch: Fix wrong offset into oFFs chunk
which caused heap read overflow.
- CVE-2017-17782
* SECURITY UPDATE: Buffer over-read in ReadPALMImage()
- debian/patches/CVE-2017-17783.patch: Fix heap buffer overflow in Q8 build
while initializing color palette.
- CVE-2017-17783
-- Eduardo Barretto <email address hidden> Tue, 21 Jan 2020 14:15:33 -0300
|
| Source diff to previous version |
| CVE-2017-16545 |
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to ca |
| CVE-2017-16547 |
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, wh |
| CVE-2017-16669 |
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or poss |
| CVE-2017-17498 |
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite hea |
| CVE-2017-17500 |
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file. |
| CVE-2017-17501 |
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. |
| CVE-2017-17502 |
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. |
| CVE-2017-17503 |
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. |
| CVE-2017-17782 |
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. |
| CVE-2017-17783 |
In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. |
|
|
graphicsmagick (1.3.23-1ubuntu0.4) xenial-security; urgency=medium
* SECURITY UPDATE: DoS (memory consumption) on ReadSUNImage()
- debian/patches/CVE-2017-14165.patch: Verify that file header data length,
and file length are sufficient for claimed image dimensions.
- CVE-2017-14165
* SECURITY UPDATE: Heap-based buffer over-read in DrawImage()
- debian/patches/CVE-2017-14314.patch: Fix heap out of bounds read in
DrawDashPolygon().
- CVE-2017-14314
* SECURITY UPDATE: Null pointer dereference in ReadPNMImage()
- debian/patches/CVE-2017-14504.patch: Require that XV 332 format have 256
colors.
- CVE-2017-14504
* SECURITY UPDATE: DoS (crash) assertion failure in magick/pixel_cache.c
- debian/patches/CVE-2017-14649.patch: Validate JNG data properly.
- CVE-2017-14649
* SECURITY UPDATE: Heap-based buffer over-read in ReadRLEImage()
- debian/patches/CVE-2017-14733.patch: Fully rationalize Ncolors when Alpha
flag is present.
- CVE-2017-14733
* SECURITY UPDATE: Null pointer dereference in ReadDCMImage()
- debian/patches/CVE-2017-14994.patch: DCM_ReadNonNativeImages() can produce
image list with no frames, resulting in null image pointer.
- CVE-2017-14994
* SECURITY UPDATE: Integer underflow in ReadPICTImage()
- debian/patches/CVE-2017-14997.patch: Avoid unsigned underflow leading to
astonishingly large allocation request.
- CVE-2017-14997
* SECURITY UPDATE: Resource leak in ReadGIFImage()
- debian/patches/CVE-2017-15277.patch: Assure that global colormap is fully
initialized.
- CVE-2017-15277
* SECURITY UPDATE: Null pointer dereference in ReadOneJNGImage()
- debian/patches/CVE-2017-15930-1.patch: Fix possible use of NULL pointer
when transferring JPEG scanlines.
- debian/patches/CVE-2017-15930-2.patch: Add more checks for use of null
PixelPacket pointer.
- debian/patches/CVE-2017-15930-3.patch: Reject JNG files with unreasonable
dimensions given the file size.
- debian/patches/CVE-2017-15930-4.patch: Ensure that reasonable exception
gets reported on read failure.
- CVE-2017-15930
* SECURITY UPDATE: Heap-based buffer overflow in DescribeImage()
- debian/patches/CVE-2017-16352.patch: Fix possible heap write overflow
while describing visual image directory.
- CVE-2017-16352
* SECURITY UPDATE: Memory information disclosure in DescribeImage()
- debian/patches/CVE-2017-16353.patch: Fix weaknesses while describing the
IPTC profile.
- CVE-2017-16353
-- Eduardo Barretto <email address hidden> Mon, 06 Jan 2020 15:39:05 -0300
|
| Source diff to previous version |
| CVE-2017-14165 |
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a len |
| CVE-2017-14314 |
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDash |
| CVE-2017-14504 |
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer D |
| CVE-2017-14649 |
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failu |
| CVE-2017-14733 |
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a de |
| CVE-2017-14994 |
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted D |
| CVE-2017-14997 |
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTI |
| CVE-2017-15277 |
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has ne |
| CVE-2017-15930 |
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelP |
| CVE-2017-16352 |
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the Descri |
| CVE-2017-16353 |
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c fil |
|
|
graphicsmagick (1.3.23-1ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference in WriteMAPImage()
- debian/patches/CVE-2017-11638_CVE-2017-11642.patch: Fix null pointer
dereference or SEGV if input is not colormapped.
- CVE-2017-11638
- CVE-2017-11642
* SECURITY UPDATE: Memory leak in PersistCache()
- debian/patches/CVE-2017-11641.patch: Fix memory leak while writing Magick
Persistent Cache format.
- CVE-2017-11641
* SECURITY UPDATE: Heap overflow in WriteCMYKImage()
- debian/patches/CVE-2017-11643.patch: Fixed heap overflow with multiple
frames with varying widths.
- CVE-2017-11643
* SECURITY UPDATE: Invalid memory read in SetImageColorCallBack()
- debian/patches/CVE-2017-12935.patch: Reject MNG with too-large dimensions
(over 65535).
- CVE-2017-12935
* SECURITY UPDATE: Use-after-free in ReadWMFImage()
- debian/patches/CVE-2017-12936.patch: Eliminate use of already freed heap
data in error reporting path.
- CVE-2017-12936
* SECURITY UPDATE: Heap-based buffer over-read in ReadSUNImage()
- debian/patches/CVE-2017-12937.patch: Fix heap read overflow while indexing
colormap in bilevel decoder.
- CVE-2017-12937
* SECURITY UPDATE: Heap-based buffer overflow vulnerability
- debian/patches/CVE-2017-13063_CVE-2017-13064_CVE-2017-13065.patch: Fix
buffer-overflow and inconsistent behavior in GetStyleTokens().
- CVE-2017-13063
- CVE-2017-13064
- CVE-2017-13065
* SECURITY UPDATE: Heap-based buffer over-read in SFWScan
- debian/patches/CVE-2017-13134.patch: Fix heap buffer overflow in
SFWScan().
- CVE-2017-13134
* SECURITY UPDATE: Invalid free in MagickFree()
- debian/patches/CVE-2017-13737.patch: NumberOfObjectsInArray() must round
down, rather than up.
- CVE-2017-13737
* SECURITY UPDATE: DoS in ReadJNXImage()
- debian/patches/CVE-2017-13775.patch: Fix DOS issues.
- CVE-2017-13775
* SECURITY UPDATE: DoS in ReadXBMImage()
- debian/patches/CVE-2017-13776_CVE-2017-13777.patch: Fix DOS issues.
- CVE-2017-13776
- CVE-2017-13777
-- Eduardo Barretto <email address hidden> Thu, 12 Dec 2019 11:31:23 -0300
|
| Source diff to previous version |
| CVE-2017-11638 |
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a differe |
| CVE-2017-11642 |
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a diffe |
| CVE-2017-11641 |
GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. |
| CVE-2017-11643 |
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical w |
| CVE-2017-12935 |
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColo |
| CVE-2017-12936 |
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. |
| CVE-2017-12937 |
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. |
| CVE-2017-13063 |
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. |
| CVE-2017-13064 |
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. |
| CVE-2017-13065 |
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. |
| CVE-2017-13134 |
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attac |
| CVE-2017-13737 |
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. |
| CVE-2017-13775 |
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consum |
| CVE-2017-13776 |
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the re |
| CVE-2017-13777 |
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the re |
|
|
graphicsmagick (1.3.23-1ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: Allocation failure vulnerability
- debian/patches/CVE-2017-13147.patch: deal with too-large MNG chunks in
coders/png.c
- CVE-2017-13147
* SECURITY UPDATE: Allocation failure vulnerability
- debian/patches/CVE-2017-14042.patch: PNM for binary formats, verify
sufficient backing file data before memory request.
- CVE-2017-14042
* SECURITY UPDATE: DoS (out-of-bounds read and crash) via a small samples
per pixel value in a CMYKA TIFF file.
- debian/patches/CVE-2017-6335.patch: Fix out of bounds access when reading
CMYKA tiff which claims wrong samples/pixel.
- CVE-2017-6335
* SECURITY UPDATE: Buffer overflow while processing an RGB TIFF picture with
metadata.
- debian/patches/CVE-2017-10794.patch: Use a generalized method to enforce
that buffer overflow can not happen while importing pixels.
- CVE-2017-10794
* SECURITY UPDATE: DoS (out-of-memory) when processing a DPX image with
metadata.
- debian/patches/CVE-2017-10799.patch: Estimate minimum required file sized
based on header, and reject files with insufficient data.
- CVE-2017-10799
* SECURITY UPDATE: DoS (crash) while reading a JNG file via a zero-length
color_image data structure.
- debian/patches/CVE-2017-11102.patch: Stop crash due to zero-length color_image
while reading a JNG.
- CVE-2017-11102
* SECURITY UPDATE: DoS (resource consumption) via a crafted JPEG file.
- debian/patches/CVE-2017-11140.patch: Defer creating pixel cache until first
scanline.
- CVE-2017-11140
* SECURITY UPDATE: Use-after-free via a crafted MNG file.
- debian/patches/CVE-2017-11403-1.patch: Fix out-of-order CloseBlob() and
DestroyImageList() that caused a use-after-free crash.
- debian/patches/CVE-2017-11403-2.patch: Improve fix of use-after-free.
- CVE-2017-11403
* SECURITY UPDATE: Heap overflow when processing multiple frames that have
non-identical widths.
- debian/patches/CVE-2017-11636.patch: Fixed heap overflow with multiple
frames with varying widths.
- CVE-2017-11636
* SECURITY UPDATE: NULL pointer deference in the WritePCLImage() function.
- debian/patches/CVE-2017-11637.patch: Fix null pointer dereference in
writing monochrome images.
- CVE-2017-11637
-- Eduardo Barretto <email address hidden> Thu, 28 Nov 2019 11:36:23 -0300
|
| CVE-2017-13147 |
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND |
| CVE-2017-14042 |
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memo |
| CVE-2017-6335 |
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-b |
| CVE-2017-10794 |
When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occ |
| CVE-2017-10799 |
When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in Rea |
| CVE-2017-11102 |
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during |
| CVE-2017-11140 |
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remot |
| CVE-2017-11403 |
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted fi |
| CVE-2017-11636 |
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical wid |
| CVE-2017-11637 |
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. |
|
About
-
Send Feedback to @ubuntu_updates
