
imagemagick: multiple vulnerabilities

Package(s): ImageMagick
CVE #(s): CVE-2014-9907 CVE-2015-8959 CVE-2016-7513 CVE-2016-7514 CVE-2016-7518 CVE-2016-7520 CVE-2016-7521 CVE-2016-7523 CVE-2016-7525 CVE-2016-7530 CVE-2016-7532 CVE-2016-7534 CVE-2016-7535 CVE-2016-7536 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540 CVE-2016-8677
Created: October 31, 2016
Updated: January 30, 2017
Description: From the openSUSE advisory:

- CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)

- CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)

- CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)

- CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)

- CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)

- CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)

- CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)

- CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)

- CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)

- CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)

- CVE-2016-7532: Fix handling of corrupted psd file (bsc#1000706)

- CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)

- CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)

- CVE-2016-7536: SEGV reported in corrupted profile handling (bsc#1000710)

- CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)

- CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)

- CVE-2016-7540: Writing to RGF format aborts (bsc#1000394)

- CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)

Alerts:
openSUSE openSUSE-SU-2016:2770-1 ImageMagick 2016-11-10
openSUSE openSUSE-SU-2016:2671-1 ImageMagick 2016-10-28
Debian-LTS DLA-807-1 imagemagick 2017-01-30
Debian-LTS DLA-731-2 imagemagick 2016-12-11
SUSE SUSE-SU-2016:2964-1 ImageMagick 2016-12-01
Debian-LTS DLA-731-1 imagemagick 2016-12-02
Ubuntu USN-3142-1 imagemagick 2016-11-30
Debian DSA-3726-1 imagemagick 2016-11-27



Copyright © 2026, Eklektix, Inc.