You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ImageMagick

Sigurnosni nedostaci programskog paketa ImageMagick

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LRH

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ImageMagick security, bug fix, and enhancement update
Advisory ID: RHSA-2020:1180-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1180
Issue date: 2020-03-31
CVE Names: CVE-2017-11166 CVE-2017-12805 CVE-2017-12806
CVE-2017-18251 CVE-2017-18252 CVE-2017-18254
CVE-2017-18271 CVE-2017-18273 CVE-2017-1000476
CVE-2018-8804 CVE-2018-9133 CVE-2018-10177
CVE-2018-10804 CVE-2018-10805 CVE-2018-11656
CVE-2018-12599 CVE-2018-12600 CVE-2018-13153
CVE-2018-14434 CVE-2018-14435 CVE-2018-14436
CVE-2018-14437 CVE-2018-15607 CVE-2018-16328
CVE-2018-16749 CVE-2018-16750 CVE-2018-18544
CVE-2018-20467 CVE-2019-7175 CVE-2019-7397
CVE-2019-7398 CVE-2019-9956 CVE-2019-10131
CVE-2019-10650 CVE-2019-11470 CVE-2019-11472
CVE-2019-11597 CVE-2019-11598 CVE-2019-12974
CVE-2019-12975 CVE-2019-12976 CVE-2019-12978
CVE-2019-12979 CVE-2019-13133 CVE-2019-13134
CVE-2019-13135 CVE-2019-13295 CVE-2019-13297
CVE-2019-13300 CVE-2019-13301 CVE-2019-13304
CVE-2019-13305 CVE-2019-13306 CVE-2019-13307
CVE-2019-13309 CVE-2019-13310 CVE-2019-13311
CVE-2019-13454 CVE-2019-14980 CVE-2019-14981
CVE-2019-15139 CVE-2019-15140 CVE-2019-15141
CVE-2019-16708 CVE-2019-16709 CVE-2019-16710
CVE-2019-16711 CVE-2019-16712 CVE-2019-16713
CVE-2019-17540 CVE-2019-17541 CVE-2019-19948
CVE-2019-19949
=====================================================================

1. Summary:

An update for ImageMagick, autotrace, emacs, and inkscape is now available
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) – noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – noarch
Red Hat Enterprise Linux ComputeNode Optional (v. 7) – noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) – noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) – noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) – noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) – noarch, x86_64

3. Description:

ImageMagick is an image display and manipulation tool for the X Window
System that can read and write multiple image formats.

The following packages have been upgraded to a later upstream version:
ImageMagick (6.9.10.68). (BZ#1764595)

Security Fix(es):

* ImageMagick: multiple security vulnerabilities (CVE-2018-12599,
CVE-2018-12600, CVE-2019-9956, CVE-2019-11597, CVE-2019-11598,
CVE-2019-12974, CVE-2019-12978, CVE-2019-12979, CVE-2019-13135,
CVE-2019-13295, CVE-2019-13297, CVE-2019-13300, CVE-2019-13301,
CVE-2019-13304, CVE-2019-13305, CVE-2019-13306, CVE-2019-13307,
CVE-2019-15139, CVE-2019-15140, CVE-2019-15141, CVE-2019-17540,
CVE-2019-17541, CVE-2019-19948, CVE-2017-11166, CVE-2017-12805,
CVE-2017-12806, CVE-2017-18251, CVE-2017-18252, CVE-2017-18254,
CVE-2017-18271, CVE-2017-18273, CVE-2017-1000476, CVE-2018-8804,
CVE-2018-9133, CVE-2018-10177, CVE-2018-10804, CVE-2018-10805,
CVE-2018-11656, CVE-2018-13153, CVE-2018-14434, CVE-2018-14435,
CVE-2018-14436, CVE-2018-14437, CVE-2018-15607, CVE-2018-16328,
CVE-2018-16749, CVE-2018-16750, CVE-2018-18544, CVE-2018-20467,
CVE-2019-7175, CVE-2019-7397, CVE-2019-7398, CVE-2019-10131,
CVE-2019-10650, CVE-2019-11470, CVE-2019-11472, CVE-2019-12975,
CVE-2019-12976, CVE-2019-13133, CVE-2019-13134, CVE-2019-13309,
CVE-2019-13310, CVE-2019-13311, CVE-2019-13454, CVE-2019-14980,
CVE-2019-14981, CVE-2019-16708, CVE-2019-16709, CVE-2019-16710,
CVE-2019-16711, CVE-2019-16712, CVE-2019-16713, CVE-2019-19949)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1532845 – CVE-2017-1000476 ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c
1559892 – CVE-2018-8804 ImageMagick: double free in WriteEPTImage function in coders/ept.c
1561741 – CVE-2017-18251 ImageMagick: memory leak in ReadPCDImage function in coders/pcd.c
1561742 – CVE-2017-18252 ImageMagick: assertion failure in MogrifyImageList function in MagickWand/mogrify.c
1561744 – CVE-2017-18254 ImageMagick: memory leak in WriteGIFImage function in coders/gif.c
1563875 – CVE-2018-9133 ImageMagick: excessive iteration in the DecodeLabImage and EncodeLabImage functions in coders/tiff.c
1572044 – CVE-2018-10177 ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file
1577398 – CVE-2018-10805 ImageMagick: Memory leak in ReadYCBCRImage
1577399 – CVE-2018-10804 ImageMagick: Memory leak in WriteTIFFImage
1581486 – CVE-2017-18271 ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c
1581489 – CVE-2017-18273 ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c
1588170 – CVE-2018-11656 ImageMagick: memory leak in ReadDCMImage function in coders/dcm.c
1594338 – CVE-2018-12599 ImageMagick: out of bounds write in ReadBMPImage and WriteBMPImage in coders/bmp.c
1594339 – CVE-2018-12600 ImageMagick: out of bounds write ReadDIBImage and WriteDIBImage in coders/dib.c
1598471 – CVE-2018-13153 ImageMagick: memory leak in the XMagickCommand function in MagickCore/animate.c
1609933 – CVE-2018-14434 ImageMagick: memory leak for a colormap in WriteMPCImage in coders/mpc.c
1609936 – CVE-2018-14435 ImageMagick: memory leak in DecodeImage in coders/pcd.c
1609939 – CVE-2018-14436 ImageMagick: memory leak in ReadMIFFImage in coders/miff.c
1609942 – CVE-2018-14437 ImageMagick: memory leak in parse8BIM in coders/meta.c
1622738 – CVE-2018-15607 ImageMagick: CPU Exhaustion via crafted input file
1624955 – CVE-2018-16328 ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
1627916 – CVE-2018-16749 ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c
1627917 – CVE-2018-16750 ImageMagick: Memory leak in the formatIPTCfromBuffer function in coders/meta.c
1642614 – CVE-2018-18544 ImageMagick: memory leak in WriteMSLImage of coders/msl.c
1664845 – CVE-2018-20467 ImageMagick: infinite loop in coders/bmp.c
1672560 – CVE-2019-7398 ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c
1672564 – CVE-2019-7397 ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
1687436 – CVE-2019-7175 imagemagick: memory leak in function DecodeImage in coders/pcd.c
1692300 – CVE-2019-9956 imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c
1700755 – CVE-2019-10650 ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file
1704762 – CVE-2019-10131 ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c
1705406 – CVE-2019-11597 ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure
1705414 – CVE-2019-11598 ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure
1707768 – CVE-2019-11472 ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component
1707770 – CVE-2019-11470 ImageMagick: denial of service in cineon parsing component
1708517 – CVE-2017-12806 ImageMagick: memory exhaustion in function format8BIM causing denial of service
1708521 – CVE-2017-12805 ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service
1726078 – CVE-2019-13133 ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c
1726081 – CVE-2019-13134 ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c
1726104 – CVE-2019-13135 ImageMagick: a “use of uninitialized value” vulnerability in the function ReadCUTImage leading to a crash and DoS
1728474 – CVE-2019-13454 ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c
1730329 – CVE-2019-13311 ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error
1730333 – CVE-2019-13310 ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c
1730337 – CVE-2019-13309 ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages
1730351 – CVE-2019-13307 ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows
1730357 – CVE-2019-13306 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors
1730361 – CVE-2019-13305 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error
1730364 – CVE-2019-13304 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment
1730575 – CVE-2019-13301 ImageMagick: memory leaks in AcquireMagickMemory
1730580 – CVE-2019-13300 ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns
1730596 – CVE-2019-13297 ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled
1730604 – CVE-2019-13295 ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled
1732278 – CVE-2019-12974 imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service
1732282 – CVE-2019-12975 imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
1732284 – CVE-2019-12976 imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
1732292 – CVE-2019-12978 imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c
1732294 – CVE-2019-12979 imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c
1743658 – [config/type-ghostscript.xml.in] using outdated hardcoded paths for (URW)++ fonts
1757779 – CVE-2019-14980 ImageMagick: use-after-free in magick/blob.c resulting in a denial of service
1757911 – CVE-2019-14981 ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c
1764595 – Rebase to ImageMagick 6.9
1765205 – Rebuild autotrace due to ImageMagick rebase
1765208 – Rebuild emacs due to ImageMagick rebase
1765211 – Rebuild inkscape due to ImageMagick rebase
1765330 – CVE-2019-17540 ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c
1767087 – CVE-2019-17541 ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c
1767802 – CVE-2019-15141 ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c
1767812 – CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c
1767828 – CVE-2019-15140 ImageMagick: Use after free in ReadMATImage in coders/mat.c
1772643 – CVE-2017-11166 ImageMagick: memory leak vulnerability in ReadXWDImage function in coders/xwd.c
1792480 – CVE-2019-19949 ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c
1793177 – CVE-2019-19948 ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c
1801661 – CVE-2019-16709 ImageMagick: memory leak in coders/dps.c
1801665 – CVE-2019-16708 ImageMagick: memory leak in magick/xwindow.c
1801667 – CVE-2019-16710 ImageMagick: memory leak in coders/dot.c
1801673 – CVE-2019-16711 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c
1801674 – CVE-2019-16712 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c
1801681 – CVE-2019-16713 ImageMagick: memory leak in coders/dot.c

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
ImageMagick-6.9.10.68-3.el7.src.rpm
emacs-24.3-23.el7.src.rpm
inkscape-0.92.2-3.el7.src.rpm

noarch:
emacs-filesystem-24.3-23.el7.noarch.rpm

x86_64:
ImageMagick-6.9.10.68-3.el7.i686.rpm
ImageMagick-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-c++-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
emacs-24.3-23.el7.x86_64.rpm
emacs-common-24.3-23.el7.x86_64.rpm
emacs-debuginfo-24.3-23.el7.x86_64.rpm
emacs-nox-24.3-23.el7.x86_64.rpm
inkscape-0.92.2-3.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
autotrace-0.31.1-38.el7.src.rpm

noarch:
emacs-el-24.3-23.el7.noarch.rpm
emacs-terminal-24.3-23.el7.noarch.rpm

x86_64:
ImageMagick-c++-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-doc-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-perl-6.9.10.68-3.el7.x86_64.rpm
autotrace-0.31.1-38.el7.i686.rpm
autotrace-0.31.1-38.el7.x86_64.rpm
autotrace-debuginfo-0.31.1-38.el7.i686.rpm
autotrace-debuginfo-0.31.1-38.el7.x86_64.rpm
autotrace-devel-0.31.1-38.el7.i686.rpm
autotrace-devel-0.31.1-38.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm
inkscape-docs-0.92.2-3.el7.x86_64.rpm
inkscape-view-0.92.2-3.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
emacs-24.3-23.el7.src.rpm

noarch:
emacs-filesystem-24.3-23.el7.noarch.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
ImageMagick-6.9.10.68-3.el7.src.rpm
autotrace-0.31.1-38.el7.src.rpm
inkscape-0.92.2-3.el7.src.rpm

noarch:
emacs-el-24.3-23.el7.noarch.rpm
emacs-terminal-24.3-23.el7.noarch.rpm

x86_64:
ImageMagick-6.9.10.68-3.el7.i686.rpm
ImageMagick-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-c++-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-doc-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-perl-6.9.10.68-3.el7.x86_64.rpm
autotrace-0.31.1-38.el7.i686.rpm
autotrace-0.31.1-38.el7.x86_64.rpm
autotrace-debuginfo-0.31.1-38.el7.i686.rpm
autotrace-debuginfo-0.31.1-38.el7.x86_64.rpm
autotrace-devel-0.31.1-38.el7.i686.rpm
autotrace-devel-0.31.1-38.el7.x86_64.rpm
emacs-24.3-23.el7.x86_64.rpm
emacs-common-24.3-23.el7.x86_64.rpm
emacs-debuginfo-24.3-23.el7.x86_64.rpm
emacs-nox-24.3-23.el7.x86_64.rpm
inkscape-0.92.2-3.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm
inkscape-docs-0.92.2-3.el7.x86_64.rpm
inkscape-view-0.92.2-3.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
ImageMagick-6.9.10.68-3.el7.src.rpm
emacs-24.3-23.el7.src.rpm
inkscape-0.92.2-3.el7.src.rpm

noarch:
emacs-filesystem-24.3-23.el7.noarch.rpm

ppc64:
ImageMagick-6.9.10.68-3.el7.ppc.rpm
ImageMagick-6.9.10.68-3.el7.ppc64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.ppc.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.ppc64.rpm
ImageMagick-perl-6.9.10.68-3.el7.ppc64.rpm
emacs-24.3-23.el7.ppc64.rpm
emacs-common-24.3-23.el7.ppc64.rpm
emacs-debuginfo-24.3-23.el7.ppc64.rpm
emacs-nox-24.3-23.el7.ppc64.rpm

ppc64le:
ImageMagick-6.9.10.68-3.el7.ppc64le.rpm
ImageMagick-c++-6.9.10.68-3.el7.ppc64le.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.ppc64le.rpm
ImageMagick-perl-6.9.10.68-3.el7.ppc64le.rpm
emacs-24.3-23.el7.ppc64le.rpm
emacs-common-24.3-23.el7.ppc64le.rpm
emacs-debuginfo-24.3-23.el7.ppc64le.rpm
emacs-nox-24.3-23.el7.ppc64le.rpm
inkscape-0.92.2-3.el7.ppc64le.rpm
inkscape-debuginfo-0.92.2-3.el7.ppc64le.rpm

s390x:
ImageMagick-6.9.10.68-3.el7.s390.rpm
ImageMagick-6.9.10.68-3.el7.s390x.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.s390.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.s390x.rpm
ImageMagick-perl-6.9.10.68-3.el7.s390x.rpm
emacs-24.3-23.el7.s390x.rpm
emacs-common-24.3-23.el7.s390x.rpm
emacs-debuginfo-24.3-23.el7.s390x.rpm
emacs-nox-24.3-23.el7.s390x.rpm

x86_64:
ImageMagick-6.9.10.68-3.el7.i686.rpm
ImageMagick-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-c++-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-perl-6.9.10.68-3.el7.x86_64.rpm
emacs-24.3-23.el7.x86_64.rpm
emacs-common-24.3-23.el7.x86_64.rpm
emacs-debuginfo-24.3-23.el7.x86_64.rpm
emacs-nox-24.3-23.el7.x86_64.rpm
inkscape-0.92.2-3.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
autotrace-0.31.1-38.el7.src.rpm
inkscape-0.92.2-3.el7.src.rpm

noarch:
emacs-el-24.3-23.el7.noarch.rpm
emacs-terminal-24.3-23.el7.noarch.rpm

ppc64:
ImageMagick-c++-6.9.10.68-3.el7.ppc.rpm
ImageMagick-c++-6.9.10.68-3.el7.ppc64.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.ppc.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.ppc64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.ppc.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.ppc64.rpm
ImageMagick-devel-6.9.10.68-3.el7.ppc.rpm
ImageMagick-devel-6.9.10.68-3.el7.ppc64.rpm
ImageMagick-doc-6.9.10.68-3.el7.ppc64.rpm
autotrace-0.31.1-38.el7.ppc.rpm
autotrace-0.31.1-38.el7.ppc64.rpm
autotrace-debuginfo-0.31.1-38.el7.ppc.rpm
autotrace-debuginfo-0.31.1-38.el7.ppc64.rpm
autotrace-devel-0.31.1-38.el7.ppc.rpm
autotrace-devel-0.31.1-38.el7.ppc64.rpm
inkscape-0.92.2-3.el7.ppc64.rpm
inkscape-debuginfo-0.92.2-3.el7.ppc64.rpm
inkscape-docs-0.92.2-3.el7.ppc64.rpm
inkscape-view-0.92.2-3.el7.ppc64.rpm

ppc64le:
ImageMagick-c++-devel-6.9.10.68-3.el7.ppc64le.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.ppc64le.rpm
ImageMagick-devel-6.9.10.68-3.el7.ppc64le.rpm
ImageMagick-doc-6.9.10.68-3.el7.ppc64le.rpm
autotrace-0.31.1-38.el7.ppc64le.rpm
autotrace-debuginfo-0.31.1-38.el7.ppc64le.rpm
autotrace-devel-0.31.1-38.el7.ppc64le.rpm
inkscape-debuginfo-0.92.2-3.el7.ppc64le.rpm
inkscape-docs-0.92.2-3.el7.ppc64le.rpm
inkscape-view-0.92.2-3.el7.ppc64le.rpm

s390x:
ImageMagick-c++-6.9.10.68-3.el7.s390.rpm
ImageMagick-c++-6.9.10.68-3.el7.s390x.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.s390.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.s390x.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.s390.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.s390x.rpm
ImageMagick-devel-6.9.10.68-3.el7.s390.rpm
ImageMagick-devel-6.9.10.68-3.el7.s390x.rpm
ImageMagick-doc-6.9.10.68-3.el7.s390x.rpm
autotrace-0.31.1-38.el7.s390.rpm
autotrace-0.31.1-38.el7.s390x.rpm
autotrace-debuginfo-0.31.1-38.el7.s390.rpm
autotrace-debuginfo-0.31.1-38.el7.s390x.rpm
autotrace-devel-0.31.1-38.el7.s390.rpm
autotrace-devel-0.31.1-38.el7.s390x.rpm
inkscape-0.92.2-3.el7.s390x.rpm
inkscape-debuginfo-0.92.2-3.el7.s390x.rpm
inkscape-docs-0.92.2-3.el7.s390x.rpm
inkscape-view-0.92.2-3.el7.s390x.rpm

x86_64:
ImageMagick-c++-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-doc-6.9.10.68-3.el7.x86_64.rpm
autotrace-0.31.1-38.el7.i686.rpm
autotrace-0.31.1-38.el7.x86_64.rpm
autotrace-debuginfo-0.31.1-38.el7.i686.rpm
autotrace-debuginfo-0.31.1-38.el7.x86_64.rpm
autotrace-devel-0.31.1-38.el7.i686.rpm
autotrace-devel-0.31.1-38.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm
inkscape-docs-0.92.2-3.el7.x86_64.rpm
inkscape-view-0.92.2-3.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
ImageMagick-6.9.10.68-3.el7.src.rpm
emacs-24.3-23.el7.src.rpm
inkscape-0.92.2-3.el7.src.rpm

noarch:
emacs-filesystem-24.3-23.el7.noarch.rpm

x86_64:
ImageMagick-6.9.10.68-3.el7.i686.rpm
ImageMagick-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-c++-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-perl-6.9.10.68-3.el7.x86_64.rpm
emacs-24.3-23.el7.x86_64.rpm
emacs-common-24.3-23.el7.x86_64.rpm
emacs-debuginfo-24.3-23.el7.x86_64.rpm
emacs-nox-24.3-23.el7.x86_64.rpm
inkscape-0.92.2-3.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

Source:
autotrace-0.31.1-38.el7.src.rpm

noarch:
emacs-el-24.3-23.el7.noarch.rpm
emacs-terminal-24.3-23.el7.noarch.rpm

x86_64:
ImageMagick-c++-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-c++-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpm
ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-devel-6.9.10.68-3.el7.i686.rpm
ImageMagick-devel-6.9.10.68-3.el7.x86_64.rpm
ImageMagick-doc-6.9.10.68-3.el7.x86_64.rpm
autotrace-0.31.1-38.el7.i686.rpm
autotrace-0.31.1-38.el7.x86_64.rpm
autotrace-debuginfo-0.31.1-38.el7.i686.rpm
autotrace-debuginfo-0.31.1-38.el7.x86_64.rpm
autotrace-devel-0.31.1-38.el7.i686.rpm
autotrace-devel-0.31.1-38.el7.x86_64.rpm
inkscape-debuginfo-0.92.2-3.el7.x86_64.rpm
inkscape-docs-0.92.2-3.el7.x86_64.rpm
inkscape-view-0.92.2-3.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-11166
https://access.redhat.com/security/cve/CVE-2017-12805
https://access.redhat.com/security/cve/CVE-2017-12806
https://access.redhat.com/security/cve/CVE-2017-18251
https://access.redhat.com/security/cve/CVE-2017-18252
https://access.redhat.com/security/cve/CVE-2017-18254
https://access.redhat.com/security/cve/CVE-2017-18271
https://access.redhat.com/security/cve/CVE-2017-18273
https://access.redhat.com/security/cve/CVE-2017-1000476
https://access.redhat.com/security/cve/CVE-2018-8804
https://access.redhat.com/security/cve/CVE-2018-9133
https://access.redhat.com/security/cve/CVE-2018-10177
https://access.redhat.com/security/cve/CVE-2018-10804
https://access.redhat.com/security/cve/CVE-2018-10805
https://access.redhat.com/security/cve/CVE-2018-11656
https://access.redhat.com/security/cve/CVE-2018-12599
https://access.redhat.com/security/cve/CVE-2018-12600
https://access.redhat.com/security/cve/CVE-2018-13153
https://access.redhat.com/security/cve/CVE-2018-14434
https://access.redhat.com/security/cve/CVE-2018-14435
https://access.redhat.com/security/cve/CVE-2018-14436
https://access.redhat.com/security/cve/CVE-2018-14437
https://access.redhat.com/security/cve/CVE-2018-15607
https://access.redhat.com/security/cve/CVE-2018-16328
https://access.redhat.com/security/cve/CVE-2018-16749
https://access.redhat.com/security/cve/CVE-2018-16750
https://access.redhat.com/security/cve/CVE-2018-18544
https://access.redhat.com/security/cve/CVE-2018-20467
https://access.redhat.com/security/cve/CVE-2019-7175
https://access.redhat.com/security/cve/CVE-2019-7397
https://access.redhat.com/security/cve/CVE-2019-7398
https://access.redhat.com/security/cve/CVE-2019-9956
https://access.redhat.com/security/cve/CVE-2019-10131
https://access.redhat.com/security/cve/CVE-2019-10650
https://access.redhat.com/security/cve/CVE-2019-11470
https://access.redhat.com/security/cve/CVE-2019-11472
https://access.redhat.com/security/cve/CVE-2019-11597
https://access.redhat.com/security/cve/CVE-2019-11598
https://access.redhat.com/security/cve/CVE-2019-12974
https://access.redhat.com/security/cve/CVE-2019-12975
https://access.redhat.com/security/cve/CVE-2019-12976
https://access.redhat.com/security/cve/CVE-2019-12978
https://access.redhat.com/security/cve/CVE-2019-12979
https://access.redhat.com/security/cve/CVE-2019-13133
https://access.redhat.com/security/cve/CVE-2019-13134
https://access.redhat.com/security/cve/CVE-2019-13135
https://access.redhat.com/security/cve/CVE-2019-13295
https://access.redhat.com/security/cve/CVE-2019-13297
https://access.redhat.com/security/cve/CVE-2019-13300
https://access.redhat.com/security/cve/CVE-2019-13301
https://access.redhat.com/security/cve/CVE-2019-13304
https://access.redhat.com/security/cve/CVE-2019-13305
https://access.redhat.com/security/cve/CVE-2019-13306
https://access.redhat.com/security/cve/CVE-2019-13307
https://access.redhat.com/security/cve/CVE-2019-13309
https://access.redhat.com/security/cve/CVE-2019-13310
https://access.redhat.com/security/cve/CVE-2019-13311
https://access.redhat.com/security/cve/CVE-2019-13454
https://access.redhat.com/security/cve/CVE-2019-14980
https://access.redhat.com/security/cve/CVE-2019-14981
https://access.redhat.com/security/cve/CVE-2019-15139
https://access.redhat.com/security/cve/CVE-2019-15140
https://access.redhat.com/security/cve/CVE-2019-15141
https://access.redhat.com/security/cve/CVE-2019-16708
https://access.redhat.com/security/cve/CVE-2019-16709
https://access.redhat.com/security/cve/CVE-2019-16710
https://access.redhat.com/security/cve/CVE-2019-16711
https://access.redhat.com/security/cve/CVE-2019-16712
https://access.redhat.com/security/cve/CVE-2019-16713
https://access.redhat.com/security/cve/CVE-2019-17540
https://access.redhat.com/security/cve/CVE-2019-17541
https://access.redhat.com/security/cve/CVE-2019-19948
https://access.redhat.com/security/cve/CVE-2019-19949
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBXoOdPNzjgjWX9erEAQgkQw/+LM7Z3kk7JCZaRbvATwBJ9nULIP3sW5W8
tdrJ2sHqjn2kapTfN/uSMSLDtXkJVWsd3HTQ7+c4A4S+oFip+kaf6HonJyrfrxGO
YwJzklVQ6EcU4Latz40D5C11t0g9YfVqQM+udwylzqNpSQ3xxvfRpYB5qe2HAxXP
K2lh/8lU//Xl4+o4waZ3DBV3YljAvEB6a6Mh8KOIgyi+zDFJ4xH/gvlYC2FhzAuG
JFLHJSKAvt+MZFsq4IqdSCB6YgJnTj4tLKNxVSFgx/rKl4psO3zovrX8v6HWIe3M
F2+XZwRv8JDb1nZm3TcirSj9NCSdSQBKR8vkAU/DOBjGDlA7adEIjxLR1bUPjrsD
IZ7aZAEuFWZjVIGizBBdM0y13ER1ikVsNrLf1CzWMifCSqi/7U2j0hzCXefF6vxN
kkrw0jYn0N0neE74iwTjBQvm8wkSRs6VJcmjfna50szdI3JqNwneo11ag+YQXxYh
HwtZKadHCaml11i2Ir+dwkANVrO/Omz8G8iszL3PGVN4P7loxDNLjxr3XIe4FLHQ
BtxxF3LFkfdL2Aq/8L+xewLddMy9th/DJDMRwGZJpkDzumLuK7G6djxNTTa00buh
3HI45kryC4odYuZKNyzjB+8aCKVPROp03mBberA2ej0+ZEFVO/wWTl2490o3V8ji
GT9NXw7ciKE=
=Ca7e
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

AutorToni Vugdelija
Cert idNCERT-REF-2020-04-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa advancecomp

Otkriven je sigurnosni nedostatak u programskom paketu advancecomp za operacijski sustav RHEL. Otkriveni nedostatak potencijalnim udaljenim napadačima omogućuje izvršavanje proizvoljnog...

Close