| |||||||||||||||||||
Mageia alert MGASA-2012-0267 (graphicsmagick)
MGASA-2012-0267 Date: September 13th, 2012 Affected releases: 1, 2 Description: Updated graphicsmagick packages fix security vulnerability: The Magick_png_malloc function in coders/png.c in GraphicsMagick 1.3.16 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation (CVE-2012-3438). Updated Packages: Mageia 1: graphicsmagick-1.3.12-3.3.mga1 lib(64)graphicsmagick3-1.3.12-3.3.mga1 lib(64)graphicsmagickwand2-1.3.12-3.3.mga1 lib(64)graphicsmagick-devel-1.3.12-3.3.mga1 perl-Graphics-Magick-1.3.12-3.3.mga1 graphicsmagick-doc-1.3.12-3.3.mga1 Mageia 2: graphicsmagick-1.3.13-1.5.mga2 lib(64)graphicsmagick3-1.3.13-1.5.mga2 lib(64)graphicsmagickwand2-1.3.13-1.5.mga2 lib(64)graphicsmagick-devel-1.3.13-1.5.mga2 perl-Graphics-Magick-1.3.13-1.5.mga2 graphicsmagick-doc-1.3.13-1.5.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438 http://lists.fedoraproject.org/pipermail/package-announce... https://bugs.mageia.org/show_bug.cgi?id=7396 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||