Synopsis
Moderate: ImageMagick security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for ImageMagick, autotrace, emacs, and inkscape is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.
The following packages have been upgraded to a later upstream version: ImageMagick (6.9.10.68). (BZ#1764595)
Security Fix(es):
- ImageMagick: multiple security vulnerabilities (CVE-2018-12599, CVE-2018-12600, CVE-2019-9956, CVE-2019-11597, CVE-2019-11598, CVE-2019-12974, CVE-2019-12978, CVE-2019-12979, CVE-2019-13135, CVE-2019-13295, CVE-2019-13297, CVE-2019-13300, CVE-2019-13301, CVE-2019-13304, CVE-2019-13305, CVE-2019-13306, CVE-2019-13307, CVE-2019-15139, CVE-2019-15140, CVE-2019-15141, CVE-2019-17540, CVE-2019-17541, CVE-2019-19948, CVE-2017-11166, CVE-2017-12805, CVE-2017-12806, CVE-2017-18251, CVE-2017-18252, CVE-2017-18254, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000476, CVE-2018-8804, CVE-2018-9133, CVE-2018-10177, CVE-2018-10804, CVE-2018-10805, CVE-2018-11656, CVE-2018-13153, CVE-2018-14434, CVE-2018-14435, CVE-2018-14436, CVE-2018-14437, CVE-2018-15607, CVE-2018-16328, CVE-2018-16749, CVE-2018-16750, CVE-2018-18544, CVE-2018-20467, CVE-2019-7175, CVE-2019-7397, CVE-2019-7398, CVE-2019-10131, CVE-2019-10650, CVE-2019-11470, CVE-2019-11472, CVE-2019-12975, CVE-2019-12976, CVE-2019-13133, CVE-2019-13134, CVE-2019-13309, CVE-2019-13310, CVE-2019-13311, CVE-2019-13454, CVE-2019-14980, CVE-2019-14981, CVE-2019-16708, CVE-2019-16709, CVE-2019-16710, CVE-2019-16711, CVE-2019-16712, CVE-2019-16713, CVE-2019-19949)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
Affected Products
-
Red Hat Enterprise Linux Server 7 x86_64
-
Red Hat Enterprise Linux Workstation 7 x86_64
-
Red Hat Enterprise Linux Desktop 7 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 7 s390x
-
Red Hat Enterprise Linux for Power, big endian 7 ppc64
-
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
-
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 1532845 - CVE-2017-1000476 ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c
- BZ - 1559892 - CVE-2018-8804 ImageMagick: double free in WriteEPTImage function in coders/ept.c
- BZ - 1561741 - CVE-2017-18251 ImageMagick: memory leak in ReadPCDImage function in coders/pcd.c
- BZ - 1561742 - CVE-2017-18252 ImageMagick: assertion failure in MogrifyImageList function in MagickWand/mogrify.c
- BZ - 1561744 - CVE-2017-18254 ImageMagick: memory leak in WriteGIFImage function in coders/gif.c
- BZ - 1563875 - CVE-2018-9133 ImageMagick: excessive iteration in the DecodeLabImage and EncodeLabImage functions in coders/tiff.c
- BZ - 1572044 - CVE-2018-10177 ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file
- BZ - 1577398 - CVE-2018-10805 ImageMagick: Memory leak in ReadYCBCRImage
- BZ - 1577399 - CVE-2018-10804 ImageMagick: Memory leak in WriteTIFFImage
- BZ - 1581486 - CVE-2017-18271 ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c
- BZ - 1581489 - CVE-2017-18273 ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c
- BZ - 1588170 - CVE-2018-11656 ImageMagick: memory leak in ReadDCMImage function in coders/dcm.c
- BZ - 1594338 - CVE-2018-12599 ImageMagick: out of bounds write in ReadBMPImage and WriteBMPImage in coders/bmp.c
- BZ - 1594339 - CVE-2018-12600 ImageMagick: out of bounds write ReadDIBImage and WriteDIBImage in coders/dib.c
- BZ - 1598471 - CVE-2018-13153 ImageMagick: memory leak in the XMagickCommand function in MagickCore/animate.c
- BZ - 1609933 - CVE-2018-14434 ImageMagick: memory leak for a colormap in WriteMPCImage in coders/mpc.c
- BZ - 1609936 - CVE-2018-14435 ImageMagick: memory leak in DecodeImage in coders/pcd.c
- BZ - 1609939 - CVE-2018-14436 ImageMagick: memory leak in ReadMIFFImage in coders/miff.c
- BZ - 1609942 - CVE-2018-14437 ImageMagick: memory leak in parse8BIM in coders/meta.c
- BZ - 1622738 - CVE-2018-15607 ImageMagick: CPU Exhaustion via crafted input file
- BZ - 1624955 - CVE-2018-16328 ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
- BZ - 1627916 - CVE-2018-16749 ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c
- BZ - 1627917 - CVE-2018-16750 ImageMagick: Memory leak in the formatIPTCfromBuffer function in coders/meta.c
- BZ - 1642614 - CVE-2018-18544 ImageMagick: memory leak in WriteMSLImage of coders/msl.c
- BZ - 1664845 - CVE-2018-20467 ImageMagick: infinite loop in coders/bmp.c
- BZ - 1672560 - CVE-2019-7398 ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c
- BZ - 1672564 - CVE-2019-7397 ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
- BZ - 1687436 - CVE-2019-7175 imagemagick: memory leak in function DecodeImage in coders/pcd.c
- BZ - 1692300 - CVE-2019-9956 imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c
- BZ - 1700755 - CVE-2019-10650 ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file
- BZ - 1704762 - CVE-2019-10131 ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c
- BZ - 1705406 - CVE-2019-11597 ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure
- BZ - 1705414 - CVE-2019-11598 ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure
- BZ - 1707768 - CVE-2019-11472 ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component
- BZ - 1707770 - CVE-2019-11470 ImageMagick: denial of service in cineon parsing component
- BZ - 1708517 - CVE-2017-12806 ImageMagick: memory exhaustion in function format8BIM causing denial of service
- BZ - 1708521 - CVE-2017-12805 ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service
- BZ - 1726078 - CVE-2019-13133 ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c
- BZ - 1726081 - CVE-2019-13134 ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c
- BZ - 1726104 - CVE-2019-13135 ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS
- BZ - 1728474 - CVE-2019-13454 ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c
- BZ - 1730329 - CVE-2019-13311 ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error
- BZ - 1730333 - CVE-2019-13310 ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c
- BZ - 1730337 - CVE-2019-13309 ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages
- BZ - 1730351 - CVE-2019-13307 ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows
- BZ - 1730357 - CVE-2019-13306 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors
- BZ - 1730361 - CVE-2019-13305 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error
- BZ - 1730364 - CVE-2019-13304 ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment
- BZ - 1730575 - CVE-2019-13301 ImageMagick: memory leaks in AcquireMagickMemory
- BZ - 1730580 - CVE-2019-13300 ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns
- BZ - 1730596 - CVE-2019-13297 ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled
- BZ - 1730604 - CVE-2019-13295 ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled
- BZ - 1732278 - CVE-2019-12974 imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service
- BZ - 1732282 - CVE-2019-12975 imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
- BZ - 1732284 - CVE-2019-12976 imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
- BZ - 1732292 - CVE-2019-12978 imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c
- BZ - 1732294 - CVE-2019-12979 imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c
- BZ - 1743658 - [config/type-ghostscript.xml.in] using outdated hardcoded paths for (URW)++ fonts
- BZ - 1757779 - CVE-2019-14980 ImageMagick: use-after-free in magick/blob.c resulting in a denial of service
- BZ - 1757911 - CVE-2019-14981 ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c
- BZ - 1764595 - Rebase to ImageMagick 6.9
- BZ - 1765205 - Rebuild autotrace due to ImageMagick rebase
- BZ - 1765208 - Rebuild emacs due to ImageMagick rebase
- BZ - 1765211 - Rebuild inkscape due to ImageMagick rebase
- BZ - 1765330 - CVE-2019-17540 ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c
- BZ - 1767087 - CVE-2019-17541 ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c
- BZ - 1767802 - CVE-2019-15141 ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c
- BZ - 1767812 - CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c
- BZ - 1767828 - CVE-2019-15140 ImageMagick: Use after free in ReadMATImage in coders/mat.c
- BZ - 1772643 - CVE-2017-11166 ImageMagick: memory leak vulnerability in ReadXWDImage function in coders/xwd.c
- BZ - 1792480 - CVE-2019-19949 ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c
- BZ - 1793177 - CVE-2019-19948 ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c
- BZ - 1801661 - CVE-2019-16709 ImageMagick: memory leak in coders/dps.c
- BZ - 1801665 - CVE-2019-16708 ImageMagick: memory leak in magick/xwindow.c
- BZ - 1801667 - CVE-2019-16710 ImageMagick: memory leak in coders/dot.c
- BZ - 1801673 - CVE-2019-16711 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c
- BZ - 1801674 - CVE-2019-16712 ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c
- BZ - 1801681 - CVE-2019-16713 ImageMagick: memory leak in coders/dot.c
CVEs
References
Vulmon