graphicsmagick (1.3.23-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Null pointer dereference in WriteMAPImage()
    - debian/patches/CVE-2017-11638_CVE-2017-11642.patch: Fix null pointer
      dereference or SEGV if input is not colormapped.
    - CVE-2017-11638
    - CVE-2017-11642
  * SECURITY UPDATE: Memory leak in PersistCache()
    - debian/patches/CVE-2017-11641.patch: Fix memory leak while writing Magick
      Persistent Cache format.
    - CVE-2017-11641
  * SECURITY UPDATE: Heap overflow in WriteCMYKImage()
    - debian/patches/CVE-2017-11643.patch: Fixed heap overflow with multiple
      frames with varying widths.
    - CVE-2017-11643
  * SECURITY UPDATE: Invalid memory read in SetImageColorCallBack()
    - debian/patches/CVE-2017-12935.patch: Reject MNG with too-large dimensions
      (over 65535).
    - CVE-2017-12935
  * SECURITY UPDATE: Use-after-free in ReadWMFImage()
    - debian/patches/CVE-2017-12936.patch: Eliminate use of already freed heap
      data in error reporting path.
    - CVE-2017-12936
  * SECURITY UPDATE: Heap-based buffer over-read in ReadSUNImage()
    - debian/patches/CVE-2017-12937.patch: Fix heap read overflow while indexing
      colormap in bilevel decoder.
    - CVE-2017-12937
  * SECURITY UPDATE: Heap-based buffer overflow vulnerability
    - debian/patches/CVE-2017-13063_CVE-2017-13064_CVE-2017-13065.patch: Fix
      buffer-overflow and inconsistent behavior in GetStyleTokens().
    - CVE-2017-13063
    - CVE-2017-13064
    - CVE-2017-13065
  * SECURITY UPDATE: Heap-based buffer over-read in SFWScan
    - debian/patches/CVE-2017-13134.patch: Fix heap buffer overflow in
      SFWScan().
    - CVE-2017-13134
  * SECURITY UPDATE: Invalid free in MagickFree()
    - debian/patches/CVE-2017-13737.patch: NumberOfObjectsInArray() must round
      down, rather than up.
    - CVE-2017-13737
  * SECURITY UPDATE: DoS in ReadJNXImage()
    - debian/patches/CVE-2017-13775.patch: Fix DOS issues.
    - CVE-2017-13775
  * SECURITY UPDATE: DoS in ReadXBMImage()
    - debian/patches/CVE-2017-13776_CVE-2017-13777.patch: Fix DOS issues.
    - CVE-2017-13776
    - CVE-2017-13777

Date: 2019-12-16 14:52:14.979278+00:00
Changed-By: Eduardo dos Santos Barretto <eduardo.barre...@canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.3