Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
patchinfo.18189
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.18189
<patchinfo incident="18189"> <issue tracker="cve" id="2023-34151"/> <issue tracker="cve" id="2022-2719"/> <issue tracker="cve" id="2021-20246"/> <issue tracker="cve" id="2021-20243"/> <issue tracker="cve" id="2021-20241"/> <issue tracker="cve" id="2021-20244"/> <issue tracker="cve" id="2021-20176"/> <issue tracker="cve" id="2021-20313"/> <issue tracker="cve" id="2021-20312"/> <issue tracker="cve" id="2021-20311"/> <issue tracker="cve" id="2021-20309"/> <issue tracker="cve" id="2022-0284"/> <issue tracker="cve" id="2022-28463"/> <issue tracker="cve" id="2022-32545"/> <issue tracker="cve" id="2022-32547"/> <issue tracker="cve" id="2022-32546"/> <issue tracker="cve" id="2019-17540"/> <issue tracker="cve" id="2021-20224"/> <issue tracker="cve" id="2022-44267"/> <issue tracker="cve" id="2022-44268"/> <issue tracker="cve" id="2023-1289"/> <issue tracker="cve" id="2023-3745"/> <issue tracker="cve" id="2020-21679"/> <issue tracker="cve" id="2023-5341"/> <issue tracker="bnc" id="1215939">VUL-0: CVE-2023-5341: ImageMagick: Heap use-after-free in coders/bmp.c</issue> <issue tracker="bnc" id="1214578">VUL-0: CVE-2020-21679: GraphicsMagick, ImageMagick: Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service.</issue> <issue tracker="bnc" id="1211791">VUL-0: CVE-2023-34151: ImageMagick,GraphicsMagick: ImageMagick: Undefined behaviors of casting double to size_t in svg, mvg and other coders</issue> <issue tracker="bnc" id="1209141">VUL-0: CVE-2023-1289: GraphicsMagick,ImageMagick: segmentation fault and possible DoS via specially crafted SVG</issue> <issue tracker="bnc" id="1202800">VUL-0: CVE-2021-20224: ImageMagick: integer overflow in ExportIndexQuantum() function in MagickCore/quantum-export.c</issue> <issue tracker="bnc" id="1202250">VUL-0: CVE-2022-2719: ImageMagick: DoS due to attempted writing of NULL image list</issue> <issue tracker="bnc" id="1153866">VUL-0: CVE-2019-17540: ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c</issue> <issue tracker="bnc" id="1200388">VUL-1: CVE-2022-32545: ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c</issue> <issue tracker="bnc" id="1200387">VUL-0: CVE-2022-32547: ImageMagick: load of misaligned address at MagickCore/property.c</issue> <issue tracker="bnc" id="1200389">VUL-1: CVE-2022-32546: ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c</issue> <issue tracker="bnc" id="1182337">VUL-0: CVE-2021-20246: ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c</issue> <issue tracker="bnc" id="1181836">VUL-0: CVE-2021-20176,CVE-2021-20242: ImageMagick: processing crafted file leads to division by zero</issue> <issue tracker="bnc" id="1182336">VUL-0: CVE-2021-20243: ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c</issue> <issue tracker="bnc" id="1182325">VUL-0: CVE-2021-20244: ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c</issue> <issue tracker="bnc" id="1182335">VUL-0: CVE-2021-20241: ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c</issue> <issue tracker="bnc" id="1184627">VUL-0: CVE-2021-20312: ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c</issue> <issue tracker="bnc" id="1184628">VUL-1: CVE-2021-20313: ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c</issue> <issue tracker="bnc" id="1184624">VUL-0: CVE-2021-20309: ImageMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c</issue> <issue tracker="bnc" id="1184626">VUL-0: CVE-2021-20311: ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c</issue> <issue tracker="bnc" id="1195563">VUL-0: CVE-2022-0284: ImageMagick: Heap buffer overread in GetPixelAlpha() in MagickCore/pixel-accessor.h</issue> <issue tracker="bnc" id="1199350"></issue> <issue tracker="bnc" id="1197147"></issue> <issue tracker="bnc" id="1207983">VUL-0: CVE-2022-44268: GraphicsMagick,ImageMagick: arbitrary file disclosure when parsing a PNG image</issue> <issue tracker="bnc" id="1207982">VUL-0: CVE-2022-44267: GraphicsMagick,ImageMagick: denial of service when parsing a PNG image</issue> <issue tracker="bnc" id="1213624">VUL-1: CVE-2023-3745: GraphicsMagick,ImageMagick: heap out of bounds read in PushCharPixel() in quantum-private.h</issue> <packager>pgajdos</packager> <rating>important</rating> <category>security</category> <summary>Security update for ImageMagick</summary> <description>This update for ImageMagick fixes the following issues: Security issues: - CVE-2023-5341: Fixed a heap use-after-free in coders/bmp.c. (bsc#1215939) - CVE-2020-21679: Fixed a buffer overflow in WritePCXImage function in pcx.c which may allow a remote attackers to cause a denial of service. (bsc#1214578) - CVE-2023-3745: Fixed heap out of bounds read in PushCharPixel() in quantum-private.h (bsc#1213624). - CVE-2023-34151: Fixed an undefined behavior issue due to floating point truncation (bsc#1211791). - CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG. (bsc#1209141) - CVE-2022-44268: Fixed arbitrary file disclosure when parsing a PNG image (bsc#1207983). - CVE-2022-44267: Fixed a denial of service when parsing a PNG image (bsc#1207982). - CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c. (bsc#1200387) - CVE-2022-32546: Fixed an outside the range of representable values of type. (bsc#1200389) - CVE-2022-32545: Fixed an outside the range of representable values of type. (bsc#1200388) - CVE-2022-28463: Fixed buffer overflow in coders/cin.c (bsc#1199350). - CVE-2022-2719: Fixed a reachable assertion that could lead to denial of service via a crafted file (bsc#1202250). - CVE-2022-0284: Fixed heap buffer overread in GetPixelAlpha() in MagickCore/pixel-accessor.h (bsc#1195563). - CVE-2021-3574: Fixed memory leaks with convert command (bsc#1203212). - CVE-2021-20313: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c (bsc#1184628) - CVE-2021-20312: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c (bsc#1184627) - CVE-2021-20311: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c (bsc#1184626) - CVE-2021-20309: Division by zero in WaveImage() of MagickCore/visual-effects. (bsc#1184624) - CVE-2021-20246: Division by zero in ScaleResampleFilter in MagickCore/resample.c (bsc#1182337). - CVE-2021-20244: Division by zero in ImplodeImage in MagickCore/visual-effects.c (bsc#1182325). - CVE-2021-20243: Division by zero in GetResizeFilterWeight in MagickCore/resize.c (bsc#1182336). - CVE-2021-20241: Division by zero in WriteJP2Image() in coders/jp2.c (bsc#1182335). - CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file (bsc#1202800). - CVE-2021-20176: Fixed an issue where processing a crafted file could lead to division by zero (bsc#1181836). - CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. (bsc#1153866) Bugfixes: - Use png_get_eXIf_1 when available (bsc#1197147). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor