[SECURITY] Fedora EPEL 6 Update: GraphicsMagick-1.3.28-1.el6

Wed, 14 Feb 2018 09:04:48 -0800 

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-1049ca4872
2018-02-14 17:01:43.077684
--------------------------------------------------------------------------------

Name        : GraphicsMagick
Product     : Fedora EPEL 6
Version     : 1.3.28
Release     : 1.el6
URL         : http://www.graphicsmagick.org/
Summary     : An ImageMagick fork, offering faster image generation and better 
quality
Description :
GraphicsMagick is a comprehensive image processing package which is initially
based on ImageMagick 5.5.2, but which has undergone significant re-work by
the GraphicsMagick Group to significantly improve the quality and performance
of the software.

--------------------------------------------------------------------------------
Update Information:

Latest stable release, includes many bug and security fixes.  See also
http://www.graphicsmagick.org/NEWS.html#january-20-2017
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1473729 - CVE-2017-11102 GraphicsMagick: Input validation failure 
in ReadOneJNGImage function may cause denial of service [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1473729
  [ 2 ] Bug #1473741 - CVE-2017-11139 GraphicsMagick: double free 
vulnerabilities in the [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1473741
  [ 3 ] Bug #1473752 - CVE-2017-11140 GraphicsMagick: Resource exhaustion 
denial of service in ReadJPEGImage function [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1473752
  [ 4 ] Bug #1475454 - CVE-2017-11637 GraphicsMagick: NULL pointer dereference 
in WritePCLImage() in coders/pcl.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475454
  [ 5 ] Bug #1475458 - CVE-2017-11636 GraphicsMagick: Heap based buffer 
over-write in WriteRGBImage in coders/rgb.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475458
  [ 6 ] Bug #1475490 - CVE-2017-11641 GraphicsMagick: Memory Leak in the 
PersistCache in magick/pixel_cache.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475490
  [ 7 ] Bug #1475498 - CVE-2017-11643 GraphicsMagick: Heap based over-write in 
WriteCMYKImagefunction in coders/cmyk.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475498
  [ 8 ] Bug #1484483 - CVE-2017-13147 GraphicsMagick: Allocation failure in 
ReadMNGImage function in coders/png.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1484483
  [ 9 ] Bug #1512038 - CVE-2017-16669 GraphicsMagick: Heap buffer over-write in 
AcquireCacheNexus function in magick/pixel_cache.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1512038
  [ 10 ] Bug #1512049 - CVE-2017-16353 GraphicsMagick: ImageMagick, 
GraphicsMagick: memory information disclosure in DescribeImage function in 
magick/describe.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1512049
  [ 11 ] Bug #1528037 - CVE-2017-17782 GraphicsMagick: heap-based buffer 
over-read in ReadOneJNGImage function in coders/png.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1528037
  [ 12 ] Bug #1528051 - CVE-2017-17783 GraphicsMagick: heap based buffer 
over-read in ReadPALMImage in coders/palm.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1528051
  [ 13 ] Bug #1529535 - CVE-2017-17915 GraphicsMagick: Memory leak in the 
function ReadMNGImage in coders/png.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529535
  [ 14 ] Bug #1529557 - CVE-2017-17913 GraphicsMagick: stack-based buffer 
over-read in WriteWEBPImage in coders/webp.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529557
  [ 15 ] Bug #1529580 - CVE-2017-17912 GraphicsMagick:  GraphicsMagick: 
heap-based buffer over-read in ReadNewsProfile in coders/tiff.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529580
  [ 16 ] Bug #1536951 - CVE-2018-5685 GraphicsMagick: Infinite loop and 
application hang in coders/bmp.c:ReadBMPImage [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1536951
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update GraphicsMagick' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/ch-yum.html

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
epel-package-announce mailing list -- 
epel-package-announce@lists.fedoraproject.org
To unsubscribe send an email to 
epel-package-announce-le...@lists.fedoraproject.org

Reply via email to