imagemagick (8:6.9.7.4+dfsg-16ubuntu6.12) bionic-security; urgency=medium
* SECURITY UPDATE: Multiple divide by zero issues in imagemagick allow a
remote attacker to cause a denial of service via a crafted image file
- debian/patches/CVE-2021-20244.patch: Avoid division by zero in
magick/fx.c
- debian/patches/CVE-2021-20309.patch: Avoid division by zero in
magick/fx.c
- debian/patches/CVE-2021-20246.patch: Avoid division by zero in
magick/resample.c
- CVE-2021-20244, CVE-2021-20309, CVE-2021-20246
* SECURITY UPDATE: Integer overflow, divide by zero and memory leak in
imagemagick allow a remote attacker to cause a denial of service or
possible leak of cryptographic information via a crafted image file
- debian/patches/CVE-2021-20312.patch: Avoid integer overflow in
coders/thumbnail.c, division by zero in magick/colorspace.c and
a potential cipher leak in magick/memory.c
- CVE-2021-20312, CVE-2021-20313
-- Ray Veldkamp <email address hidden> Thu, 18 Nov 2021 20:39:34 +1100