SUSE-SU-2018:1163-1
- Source
- https://www.suse.com/support/update/announcement/2018/suse-su-20181163-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1163-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:1163-1
- Related
- Published
- 2018-05-08T08:24:41Z
- Modified
- 2018-05-08T08:24:41Z
- Summary
- Security update for GraphicsMagick
- Details
-
This update for GraphicsMagick fixes the following issues:
- CVE-2017-18229: An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which could allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. [bsc#1085236]
- CVE-2017-11641: A memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files could lead to denial of servic3. [bsc#1050623]
- CVE-2017-13066: A memory leak vulnerability in the function CloneImage in magick/image.c could lead to denial of service [bsc#1055010]
- CVE-2018-10177: An infinite loop when reading MNG was fixed which could lead to a denial of service (hang) [bsc#1089781]
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20181163-1/
- https://bugzilla.suse.com/1050623
- https://bugzilla.suse.com/1055010
- https://bugzilla.suse.com/1085236
- https://bugzilla.suse.com/1089781
- https://www.suse.com/security/cve/CVE-2017-11641
- https://www.suse.com/security/cve/CVE-2017-13066
- https://www.suse.com/security/cve/CVE-2017-18229
- https://www.suse.com/security/cve/CVE-2018-10177
Affected packages
SUSE:Linux Enterprise Software Development Kit 11 SP4 / GraphicsMagick
Package
- Name
- GraphicsMagick
- Purl
- purl:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4