#7911: ImageMagick-7.0.1-9
-------------------------+-----------------------
 Reporter:  renodr       |       Owner:  renodr
     Type:  enhancement  |      Status:  assigned
 Priority:  normal       |   Milestone:  7.10
Component:  BOOK         |     Version:  SVN
 Severity:  normal       |  Resolution:
 Keywords:               |
-------------------------+-----------------------
Description changed by renodr:

Old description:

> Major security fixes.

New description:

 Major security fixes.

 Security Issues:

 {{{
 CVE-2015-8894 (tgs processing issue: Double free in coders/tga.c)
 CVE-2015-8895
 CVE-2015-8896 (integer truncation issue)
 CVE-2016-5239 (ImageMagick, GraphicsMagick: Gnuplot delegate vulnerability
 allowing command injection).
 CVE-2015-8897 (Out of bounds error in SpliceImage.)
 CVE-2015-8898 (Prevent null pointer access in magick/constitute.c)
 CVE-2014-9804 (Avoid a DoS in vision.c due to an infinite loop.)
 CVE-2014-9805 (Avoid a SEGV due to a corrupted pnm file.)
 CVE-2014-9806 (Do not leak fd due to corrupted file.)
 CVE-2014-9807 (Fix a double free in pdb coder.)
 CVE-2014-9808 (Fix a SEGV due to corrupted dpc images.)
 CVE-2014-9809 (Fix a SEGV due to a corrupted xwd image.)
 CVE-2014-9810 (Fix a SEGV in dpx file handler.)
 CVE-2014-9811 (Fix a SEGV in malformed xwd file handler.)
 CVE-2014-9812 (Avoid a NULL pointer dereference in ps file handling.)
 CVE-2014-9813 (Fix a crash with corrupted viff file.)
 CVE-2014-9814 (Fix a NULL pointer dererference in wpg file handling.)
 CVE-2014-9815 (Do not continue on corrupted wpg file.)
 CVE-2014-9816 (Avoid an out-of-bounds access in viff image.)
 CVE-2014-9817 (Avoid a heap buffer overflow in pdb file handling.)
 CVE-2014-9818 (Avoid an out of bounds access on malformed sun file.)
 CVE-2014-9819 (Avoid heap overflow in palm files.)
 CVE-2014-9820 (Avoid heap overflow in pnm files.)
 CVE-2014-9821 (Avoid heap overflow in xpm files.)
 CVE-2014-9822 (Fix heap overflow in quantum files.)
 CVE-2014-9823 (Fix heap overflow in palm files.)
 CVE-2014-9824 (Fix heap overflow in psd files.)
 CVE-2014-9825 (Fix handling of corrupted psd file.)
 CVE-2014-9826 (Fix handling of corrupted sun file.)
 CVE-2014-9827 (Fix handling of corrupted xpm file.)
 CVE-2014-9828 (Fix handling of corrupted (too many colors) psd file.)
 CVE-2014-9829 (FIx out-of-bounds access in sun file.)
 CVE-2014-9830 (Fix handling of corrupted sun file.)
 CVE-2014-9831 (Fix handling of corrupted wpg file.)
 CVE-2014-9832 (Fix heap overflow in pcx file.)
 CVE-2014-9833 (Fix heap overflow in psd file.)
 CVE-2014-9834 (Fix heap overflow in pict file.)
 CVE-2014-9835 (Fix heap overflow in wpf file.)
 CVE-2014-9836 (Fix heap overflow in xpm file.)
 CVE-2014-9837 (Add additional PNM sanity checks.)
 CVE-2014-9838 (Avoid a crash to out of memory in magick/cache.c)
 CVE-2014-9839 (Fix a theoretical out-of-bounds access in magick/colormap-
 private.h)
 CVE-2014-9840 (Fix an out-of-bounds access in palm file.)
 CVE-2014-9841 (Fixed throwing of exceptions in psd handling.)
 CVE-2014-9842 (Memory leak.)
 CVE-2014-9843 (Fixed boundary checks in DecodePSDPixels.)
 CVE-2014-9844 (Fixed another out-of-bound problem in rle file.)
 CVE-2014-9845 (Fix crash due to corrupted dib file.)
 CVE-2014-9846 (Added checks to prevent overflow in rle file.)
 CVE-2014-9847 (Don't try to handle a "previous" image in the JNG decoder.)
 CVE-2014-9848 (Avoid a memory leak in quantum management.)
 CVE-2014-9849 (Avoid a crash in png coder.)
 CVE-2014-9850
 CVE-2014-9851 (In psd file handling fixed parsing resource block and avoid
 a crash.)
 CVE-2014-9852 (In cache fix usage of object after it has been destroyed.)
 CVE-2014-9853 (Avoid a memory leak in rle file handling.)
 CVE-2014-9854
 }}}

--

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/7911#comment:3>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to