Download
| Alert*
oval:org.secpod.oval:def:89043780
This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2017-18027: Prevent memory leak vulnerability in the function ReadMATImage which allowed remote attackers to cause a denial of service via a crafted file - CVE-2017-18029: Prevent memory leak in the function R ... oval:org.secpod.oval:def:89043497 This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2018-5685: Prevent infinite loop and application hang in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mas ... oval:org.secpod.oval:def:1600847 Memory information disclosure in DescribeImage function in magick/describe.cGraphicsMagick is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing th ... oval:org.secpod.oval:def:1900065 In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function . Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value. oval:org.secpod.oval:def:603558 The update of Graphicsmagick in DSA-4321-1 introduced a change in the handling of case-sensitivity in an internal API function which could affect some code built against the GraphicsMagick libraries. This update restores the previous behaviour. oval:org.secpod.oval:def:603548 Several vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which could result in denial of service or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:53442 Several vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which could result in denial of service or the execution of arbitrary code if malformed image files are processed. |