Download
| Alert*
oval:org.secpod.oval:def:53438
This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising have been found in the coders for BMP, DIB, PICT, DCM, CUT and PSD. oval:org.secpod.oval:def:57449 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:1504542 autotrace [0.31.1-38] - Resolves: #1765205 rebuild against new IM emacs [1:24.3-23] - Resolves: #1765208 rebuild against new IM ImageMagick [6.9.10.68-3] - Fixing freeze when svg file contains class="" [6.9.10.68-2] - Fixed ghostscript fonts, fixed multilib conflicts [6.9.10.68-1] - Rebase to 6.9.10 ... oval:org.secpod.oval:def:2000184 In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote atta ... |