You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa GraphicsMagick

Sigurnosni nedostaci programskog paketa GraphicsMagick

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2019-f12cb1ddab
2020-01-12 01:14:24.201001
——————————————————————————–

Name : GraphicsMagick
Product : Fedora 30
Version : 1.3.34
Release : 1.fc30
URL : http://www.graphicsmagick.org/
Summary : An ImageMagick fork, offering faster image generation and better quality
Description :
GraphicsMagick is a comprehensive image processing package which is initially
based on ImageMagick 5.5.2, but which has undergone significant re-work by
the GraphicsMagick Group to significantly improve the quality and performance
of the software.

——————————————————————————–
Update Information:

New bugfix and security upstream release, see
http://www.graphicsmagick.org/NEWS.html#december-24-2019
——————————————————————————–
ChangeLog:

* Mon Dec 30 2019 Rex Dieter <rdieter@fedoraproject.org> – 1.3.34-1
– 1.3.34
* Sat Aug 17 2019 Rex Dieter <rdieter@fedoraproject.org> – 1.3.33-1
– 1.3.33
– use %perl feature macro (instead of %flatpak) everywhere
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> – 1.3.32-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jul 17 2019 Kalev Lember <klember@redhat.com> – 1.3.32-2
– Disable perl support for flatpak builds
* Mon Jun 17 2019 Rex Dieter <rdieter@fedoraproject.org> – 1.3.32-1
– 1.3.32
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> – 1.3.31-6
– Perl 5.30 rebuild
——————————————————————————–
References:

[ 1 ] Bug #1561225 – CVE-2018-9018 GraphicsMagick: divide-by-zero in the ReadMNGImage function in coders/png.c
https://bugzilla.redhat.com/show_bug.cgi?id=1561225
[ 2 ] Bug #1767812 – CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c
https://bugzilla.redhat.com/show_bug.cgi?id=1767812
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-f12cb1ddab’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2019-210b0a6e4f
2020-01-12 01:40:13.410072
——————————————————————————–

Name : GraphicsMagick
Product : Fedora 31
Version : 1.3.34
Release : 1.fc31
URL : http://www.graphicsmagick.org/
Summary : An ImageMagick fork, offering faster image generation and better quality
Description :
GraphicsMagick is a comprehensive image processing package which is initially
based on ImageMagick 5.5.2, but which has undergone significant re-work by
the GraphicsMagick Group to significantly improve the quality and performance
of the software.

——————————————————————————–
Update Information:

New bugfix and security upstream release, see
http://www.graphicsmagick.org/NEWS.html#december-24-2019
——————————————————————————–
ChangeLog:

* Mon Dec 30 2019 Rex Dieter <rdieter@fedoraproject.org> – 1.3.34-1
– 1.3.34
——————————————————————————–
References:

[ 1 ] Bug #1767812 – CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c
https://bugzilla.redhat.com/show_bug.cgi?id=1767812
[ 2 ] Bug #1561225 – CVE-2018-9018 GraphicsMagick: divide-by-zero in the ReadMNGImage function in coders/png.c
https://bugzilla.redhat.com/show_bug.cgi?id=1561225
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-210b0a6e4f’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorJosip Papratovic
Cert idNCERT-REF-2020-01-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa dovecot

Otkriven je sigurnosni nedostatak u programskom paketu dovecot za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close