Changelog

graphicsmagick (1.3.28-2ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow in the WriteTGAImage function.
    - debian/patches/CVE-2018-20184.patch: reject image rows/columns larger than
      65535.
    - CVE-2018-20184
  * SECURITY UPDATE: Heap-based buffer over-read in the ReadBMPImage function.
    - debian/patches/CVE-2018-20185-1.patch: Only compute unsigned_maxvalue if
      sample_bits <= 32.
    - debian/patches/CVE-2018-20185-2.patch: Fix heap overflow in 32-bit due
      to arithmetic overflow.
    - debian/patches/CVE-2018-20185-3.patch: Improve buffer size calculations
      to guard against arithmetic overflow.
    - CVE-2018-20185
  * SECURITY UPDATE: DoS (crash) in ReadDIBImage.
    - debian/patches/CVE-2018-20189.patch: DIB images claiming more than 8-bits
      per pixel are not colormapped.
    - CVE-2018-20189
  * SECURITY UPDATE: Stack-based buffer overflow in the function
    SVGStartElement.
    - debian/patches/CVE-2019-11005.patch: Fix stack buffer overflow while
      parsing quoted font family value.
    - CVE-2019-11005
  * SECURITY UPDATE: Heap-based buffer over-read in the function ReadMIFFImage.
    - debian/patches/CVE-2019-11006.patch: Detect end of file while reading
      RLE packets.
    - CVE-2019-11006
  * SECURITY UPDATE: Heap-based buffer over-read in the function ReadMNGImage.
    - debian/patches/CVE-2019-11007-1.patch: New function to reallocate an
      image colormap.
    - debian/patches/CVE-2019-11007-2.patch: Fix small buffer overflow (one
      PixelPacket) of image colormap.
    - CVE-2019-11007
  * SECURITY UPDATE: Heap-based buffer overflow in the function WriteXWDImage.
    - debian/patches/CVE-2019-11008.patch: Perform more header validations, a
      file size validation, and fix arithmetic overflows leading to heap
      overwrite.
    - CVE-2019-11008
  * SECURITY UPDATE: Heap-based buffer over-read in the function ReadXWDImage.
    - debian/patches/CVE-2019-11009.patch: Fix heap buffer overflow while
      reading DirectClass XWD file.
    - CVE-2019-11009
  * SECURITY UPDATE: Memory leak in the function ReadMPCImage.
    - debian/patches/CVE-2019-11010.patch: Deal with a profile length of zero,
      or an irrationally large profile length.
    - CVE-2019-11010
  * SECURITY UPDATE: DoS (out-of-bounds read, floating-point exception and
    crash) by crafting an XWD image file.
    - debian/patches/CVE-2019-11473_11474-1.patch: Add more validation logic to
      avoid crashes due to FPE and invalid reads.
    - debian/patches/CVE-2019-11473_11474-2.patch: Address header-directed
      arbitrary memory allocation.
    - debian/patches/CVE-2019-11473_11474-3.patch: Address segmentation
      violation and invalid memory read with more validations.
    - CVE-2019-11473
    - CVE-2019-11474
  * SECURITY UPDATE: Heap-based buffer overflow in the function WritePDBImage.
    - debian/patches/CVE-2019-11505.patch: Use correct bits/sample rather than
      image->depth. Avoids potential buffer overflow.
    - CVE-2019-11505
  * SECURITY UPDATE: Heap-based buffer overflow in the function
    WriteMATLABImage.
    - debian/patches/CVE-2019-11506.patch: Add completely missing error
      handling.
    - CVE-2019-11506

 -- Eduardo Barretto <email address hidden>  Thu, 28 Nov 2019 11:12:37 -0300
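The two defensive patterns that recur in these patches, a format-imposed dimension limit (TGA headers cannot describe rows or columns above 65535) and overflow-checked buffer size arithmetic before allocation, as an added C illustration that is not GraphicsMagick's code; TGA_MAX_DIMENSION, IMAGE_BYTES_CAP and the function names are assumptions made for the example:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed limits for this example: TGA stores width/height in 16 bits, so
 * anything above 65535 cannot be a valid TGA dimension; IMAGE_BYTES_CAP
 * stands in for a per-image allocation ceiling (header-directed huge
 * allocations are a DoS on their own). */
#define TGA_MAX_DIMENSION 65535UL
#define IMAGE_BYTES_CAP (256UL * 1024 * 1024)

/* Portable overflow-checked multiply: true if a*b does not fit in size_t. */
static bool mul_overflows(size_t a, size_t b, size_t *result)
{
    if (a != 0 && b > SIZE_MAX / a)
        return true;
    *result = a * b;
    return false;
}

/* Validate header dimensions and compute the pixel-buffer size safely.
 * Returns true and writes the byte count to *out (if non-NULL); false means
 * the header must be rejected before any allocation or copy takes place. */
bool safe_buffer_size(unsigned long columns, unsigned long rows,
                      unsigned int bytes_per_pixel, size_t *out)
{
    size_t n;
    if (columns == 0 || rows == 0 || bytes_per_pixel == 0)
        return false;
    if (columns > TGA_MAX_DIMENSION || rows > TGA_MAX_DIMENSION)
        return false;
    if (mul_overflows((size_t)columns, (size_t)rows, &n))
        return false;
    if (mul_overflows(n, (size_t)bytes_per_pixel, &n))
        return false;
    if (n > IMAGE_BYTES_CAP)
        return false;
    if (out)
        *out = n;
    return true;
}

/* Contrast: unchecked 32-bit arithmetic of the kind the "arithmetic overflow"
 * patches remove. A header claiming 65536x65536 wraps to 0 bytes, so a later
 * write of real pixel data into the allocated buffer overruns the heap. */
uint32_t naive_buffer_size(uint32_t columns, uint32_t rows, uint32_t bpp)
{
    return columns * rows * bpp;
}
```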
