You are here

Home > Preporuke > Sigurnosni nedostaci programskog paketa ImageMagic

Sigurnosni nedostaci programskog paketa ImageMagic

Preporuke

by ncert - 20. rujna 2017.0

Detalji os-a: WN7
Važnost: IMP

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : autotrace
Product : Fedora 26
Version : 0.31.1
Release : 49.fc26
URL : http://autotrace.sourceforge.net/
Summary : Utility for converting bitmaps to vector graphics
Description :
AutoTrace is a program for converting bitmaps to vector graphics.

Supported input formats include BMP, TGA, PNM, PPM, and any format
supported by ImageMagick, whereas output can be produced in
Postscript, SVG, xfig, SWF, and others.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CCVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade autotrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : converseen
Product : Fedora 26
Version : 0.9.6.2
Release : 3.fc26
URL : http://converseen.sf.net/
Summary : A batch image conversion tool written in C++ with Qt5 and Magick++
Description :
Converseen is a batch image conversion tool and resizer written in C++ with Qt5
and Magick++. Converseen allows you to convert images in more than 100
different formats!

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade converseen’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : dmtx-utils
Product : Fedora 26
Version : 0.7.4
Release : 4.fc26
URL : http://libdmtx.sourceforge.net/
Summary : Tools for working with Data Matrix 2D bar-codes
Description :
libdmtx is open source software for reading and writing Data Matrix 2D
bar-codes on Linux, Unix, OS X, Windows, and mobile devices. At its core
libdmtx is a shared library, allowing C/C++ programs to use its capabilities
without restrictions or overhead.

The included utility programs, dmtxread and dmtxwrite, provide the official
interface to libdmtx from the command line, and also serve as a good reference
for programmers who wish to write their own programs that interact with
libdmtx.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade dmtx-utils’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : drawtiming
Product : Fedora 26
Version : 0.7.1
Release : 22.fc26
URL : http://drawtiming.sourceforge.net
Summary : A command line tool for generating timing diagrams
Description :
A command line tool for generating timing diagrams from
ASCII input files. The input files use a structured language
to represent signal state transitions and interdependencies.
Raster image output support is provided by ImageMagick.

It can be used for VHDL or verilog presentations.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade drawtiming’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : emacs
Product : Fedora 26
Version : 25.3
Release : 3.fc26
URL : http://www.gnu.org/software/emacs/
Summary : GNU Emacs text editor
Description :
Emacs is a powerful, customizable, self-documenting, modeless text
editor. Emacs contains special code editing features, a scripting
language (elisp), and the capability to read mail, news, and more
without leaving the editor.

This package provides an emacs binary with support for X windows.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade emacs’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : gtatool
Product : Fedora 26
Version : 2.2.0
Release : 6.fc26
URL : http://gta.nongnu.org/gtatool.html
Summary : Commandline tool to manipulate GTAs
Description :
Gtatool is a command line tool to manipulate GTAs.

It provides a set of commands that manipulate GTAs on various levels:
array element components, array dimensions, whole arrays, and streams of arrays.
For example, you can add components to array elements, merge separate arrays
into combined arrays in different ways, apply global transformations to array
data, reorder the array data, and much more.

Additionally, gtatool can import from and export to many other file formats, see
the sub-packages!

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade gtatool’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : ImageMagick
Product : Fedora 26
Version : 6.9.9.13
Release : 1.fc26
URL : http://www.imagemagick.org/
Summary : An X application for displaying and manipulating images
Description :
ImageMagick is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.

ImageMagick is one of your choices if you need a program to manipulate
and display images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade ImageMagick’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : imageinfo
Product : Fedora 26
Version : 0.05
Release : 27.fc26
URL : http://www.wohlberg.net/public/software/photo/imageinfo/
Summary : Extract attributes of digital images
Description :
ImageInfo computes and displays selected image attributes. It is
similar in function to the ImageMagick “identify” utility, but
provides a few additional attributes (such as details of embedded ICC
profiles), and allows command line selection of the attributes to be
computed, avoiding unnecessary computation and and allowing easier
parsing of results when this utility is called from a script.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade imageinfo’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : inkscape
Product : Fedora 26
Version : 0.92.1
Release : 4.20170510bzr15686.fc26.1
URL : http://inkscape.sourceforge.net/
Summary : Vector-based drawing program using SVG
Description :
Inkscape is a vector graphics editor, with capabilities similar to
Illustrator, CorelDraw, or Xara X, using the W3C standard Scalable Vector
Graphics (SVG) file format. It is therefore a very useful tool for web
designers and as an interchange format for desktop publishing.

Inkscape supports many advanced SVG features (markers, clones, alpha
blending, etc.) and great care is taken in designing a streamlined
interface. It is very easy to edit nodes, perform complex path operations,
trace bitmaps and much more.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade inkscape’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : k3d
Product : Fedora 26
Version : 0.8.0.6
Release : 8.fc26
URL : http://www.k-3d.org/
Summary : A 3D Modeling, Animation and Rendering System
Description :
K-3D is a complete 3D modeling, animation and rendering system. K-3D
features a robust, object oriented plugin architecture, designed to
scale to the needs of professional artists. It is designed from the
ground up to generate motion picture quality animation using RenderMan
compliant render engines.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade k3d’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : perl-Image-SubImageFind
Product : Fedora 26
Version : 0.03
Release : 13.fc26
URL : http://search.cpan.org/dist/Image-SubImageFind/
Summary : Perl extension for locating a sub-image within an image
Description :
Perl module to aide in locating a sub-image within an image.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade perl-Image-SubImageFind’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : pfstools
Product : Fedora 26
Version : 2.0.6
Release : 3.fc26
URL : http://pfstools.sourceforge.net/
Summary : Programs for handling high-dynamic range images
Description :
pfstools is a set of command line programs for reading,
writing, manipulating and viewing high-dynamic range (HDR) images and
video frames. All programs in the package exchange data using unix
pipes and a simple generic HDR image format (pfs). The concept of the
pfstools is similar to netpbm package for low-dynamic range images.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade pfstools’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : psiconv
Product : Fedora 26
Version : 0.9.8
Release : 22.fc26
URL : http://software.frodo.looijaard.name/psiconv/
Summary : A conversion utility for Psion files
Description :
A conversion utility for the Psion files

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 – CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 – CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 – CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 – CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 … ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 – CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 – CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 – CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 – CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 – CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 – CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 – CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 – CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 – CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 – CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 – CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 – CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 – CVE-2017-11449 ImageMagick: coders/mpc.c don’t validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 – CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 – CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 – CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 – ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 – synfigstudio doesn’t start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade psiconv’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
——————————————————————————–

Name : php-pecl-imagick
Product : Fedora 26
Version : 3.4.3
Release : 2.fc26
URL : http://pecl.php.net/package/imagick
Summary : Provides a wrapper to the ImageMagick library
Description :
imagick is a native php extension to create and modify images using the
ImageMagick API.

——————————————————————————–
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
——————————————————————————–
References:

[ 1 ] Bug #1471837 – CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 – CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 – CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 – CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 – CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 – CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 – CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 – CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 – CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 – ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 – CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 – CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 – CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [f

Autor	Vlatka Misic
Cert id	NCERT-REF-2017-09-0024-ADV
Cve	CERT-CVE-DUMMY
ID izvornika	CERT-ORIGID-DUMMY
Proizvod	CERT-DUMMY-PRODUCT
Izvor	http://www.adobe.com/

ncert

Top

More in Preporuke

Sigurnosni nedostatak programskog paketa pyjwt

Otkriven je sigurnosni nedostatak u programskom paketu pyjwt za operacijski sustav Debian. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem...