You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa GraphicsMagick

Sigurnosni nedostaci programskog paketa GraphicsMagick

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2019-da4c20882c
2019-06-30 00:55:02.576495
——————————————————————————–

Name : GraphicsMagick
Product : Fedora 30
Version : 1.3.32
Release : 1.fc30
URL : http://www.graphicsmagick.org/
Summary : An ImageMagick fork, offering faster image generation and better quality
Description :
GraphicsMagick is a comprehensive image processing package which is initially
based on ImageMagick 5.5.2, but which has undergone significant re-work by
the GraphicsMagick Group to significantly improve the quality and performance
of the software.

——————————————————————————–
Update Information:

New bug and security fix release, see
http://www.graphicsmagick.org/NEWS.html#june-15-2019
——————————————————————————–
ChangeLog:

* Mon Jun 17 2019 Rex Dieter <rdieter@fedoraproject.org> – 1.3.32-1
– 1.3.32
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> – 1.3.31-6
– Perl 5.30 rebuild
——————————————————————————–
References:

[ 1 ] Bug #1554189 – CVE-2017-18219 CVE-2017-18220 GraphicsMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1554189
[ 2 ] Bug #1543274 – CVE-2018-6799 GraphicsMagick: Heap overwrite in magick/pixel_cache.c:AcquireCacheNexus() can lead to denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1543274
[ 3 ] Bug #1494552 – CVE-2017-14504 CVE-2017-14649 CVE-2017-14733 CVE-2017-14994 CVE-2017-14997 CVE-2017-15238 CVE-2017-15930 CVE-2017-16545 CVE-2017-16547 CVE-2017-17498 CVE-2017-17500 CVE-2017-17501 CVE-2017-17502 CVE-2017-17503 GraphicsMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1494552
[ 4 ] Bug #1475495 – CVE-2017-11638 CVE-2017-11642 CVE-2017-11722 CVE-2017-12935 CVE-2017-12936 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13648 CVE-2017-13736 CVE-2017-13737 CVE-2017-13775 … GraphicsMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475495
[ 5 ] Bug #1708526 – CVE-2017-12805 CVE-2017-12806 GraphicsMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1708526
[ 6 ] Bug #1707774 – CVE-2019-11470 CVE-2019-11472 GraphicsMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1707774
[ 7 ] Bug #1707754 – CVE-2019-11474 GraphicsMagick: floating point exception in coders/xwd.c causing denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1707754
[ 8 ] Bug #1707716 – CVE-2019-11473 GraphicsMagick: out of bounds in coders/xwd.c causing denial of service by crafting an XWD image file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1707716
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-da4c20882c’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorToni Vugdelija
Cert idNCERT-REF-2019-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa tomcat

Otkriveni su sigurnosni nedostaci u programskom paketu tomcat za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja...

Close