Several security issues were fixed in ImageMagick ...
This updates fixes many vulnerabilities in imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service or the execution of arbitrary code if
malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum,
PDB, DDS, DCM, EXIF, RGF or BMP files are processed
For the stabl ...
Integer overflow in MagickCore/profilec in ImageMagick before 702-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable (CVE-2016-5841)
In ImageMagick before 699-0 and 7x before 706-1, the ReadOneMNGImage function in coders/pngc has an out-o ...
Integer overflow in MagickCore/profilec in ImageMagick before 702-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable ...
Integer overflow in MagickCore/profilec in ImageMagick before 702-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable (CVE-2016-5841)
ImageMagick 707-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/ddsc, ...
Debian Bug report logs -
#834183
Double free
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Fri, 12 Aug 2016 20:45:02 UTC
Severity: grave
Tags: patch, security, ups ...
Debian Bug report logs -
#834501
Outofbound in exif (jpeg) reader
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Tue, 16 Aug 2016 11:51:02 UTC
Severity: grave
Tags: ...
Debian Bug report logs -
#827643
imagemagick: writing to rgf format aborts
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: David Lechner <david@lechnologycom>
Dat ...
Debian Bug report logs -
#832455
Fix a off-by-one error leading to segfault
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailc ...
Debian Bug report logs -
#832464
SUN file handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 25 Ju ...
Debian Bug report logs -
#832942
DDS file security fix
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Fri, 2 ...
Debian Bug report logs -
#833735
Coder path transversal
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 8 Aug 2016 10:36:01 UTC
Severity: grave
Tags: patch, se ...
Debian Bug report logs -
#832506
Fix out of bound in quantum handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> ...
Debian Bug report logs -
#832785
Fix an out of bound in generic decoder
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom&g ...
Debian Bug report logs -
#831034
imagemagick: CVE-2016-5841 CVE-2016-5842
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 13 Jul 2016 19:57:02 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#833743
Segfault in ReadRLEImage
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 8 Aug 2016 11:54:01 UTC
Severity: grave
Tags: patch, ...
Debian Bug report logs -
#833044
CVE-2016-5691 DCM file bug lack of validation of pixelred, pixelgreen, and pixelblue
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Dat ...
Debian Bug report logs -
#831034
imagemagick: CVE-2016-5841 CVE-2016-5842
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 13 Jul 2016 19:57:02 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#832482
WPG file security bug
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 2 ...
Debian Bug report logs -
#832475
Fix a outofbound access for psd file
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> ...
Debian Bug report logs -
#833043
CVE-2016-5690
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Sun, 31 Jul 2016 09:21:02 UTC
Severity: grave
Tags: patch, security
F ...
Debian Bug report logs -
#832885
CVE-2016-4562
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Fri, 29 Jul 20 ...
Debian Bug report logs -
#832787
Fix an out of bound in psd file
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Da ...
Debian Bug report logs -
#833101
DOS by not releasing memory
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Sun, 31 Jul 2016 20:42:02 UTC
Severity: grave
Tags: fixe ...
Debian Bug report logs -
#832793
Fix a SIGABRT in pdb file handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
...
Debian Bug report logs -
#832465
SUN file ABRT signal
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 25 ...
Debian Bug report logs -
#833003
CVE-2016-5688 WPG file issue
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Sat, 30 Jul 2016 18:27:02 UTC
Severity: grave
Tags: pat ...
Debian Bug report logs -
#836171
TIFF divide by zero
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Wed, 31 Aug 2016 08:18:02 UTC
Severity: grave
Tags: patch, secur ...
Debian Bug report logs -
#836172
Prevent buffer overflow in SIXEL, PDB, MAP, and CALS coders (bug report from Donghai Zhu)
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
D ...
Debian Bug report logs -
#832469
HDR file overflow
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 25 Ju ...
Debian Bug report logs -
#832480
Fix head buffer overflow in psd file
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> ...
Debian Bug report logs -
#836776
imagemagick: CVE-2016-7101
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 5 Sep 2016 15:45:02 UTC
Severity: grave
Tags: patch ...
Debian Bug report logs -
#832944
Avoid a DOS for DDS file
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Fri ...
Debian Bug report logs -
#832461
Fixed check for the number of pixels that will be allocated
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucari ...
Debian Bug report logs -
#833042
CVE-2016-5689 lack of required NULL pointer checks in the DCM parser
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Sun, 31 Jul 2016 ...
Debian Bug report logs -
#832888
CVE-2016-4564
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Fri, 29 Jul 20 ...
Debian Bug report logs -
#832890
CVE-2016-5687
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Fri, 29 Jul 2016 10:24:02 UTC
Severity: grave
Tags: patch, security
F ...
Debian Bug report logs -
#832483
Fix out of bound for viff file
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Dat ...
Debian Bug report logs -
#833744
RLE check for pixel offset less than 0
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 8 Aug 2016 12:03:01 UTC
Severity: grave ...
Debian Bug report logs -
#834504
imagemagick: CVE-2016-6823: Buffer overflow in bmp file reader
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Tue, 16 Aug 2016 12:03 ...
Debian Bug report logs -
#832780
Fix a wpg file out of bound
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: ...
Debian Bug report logs -
#833730
Buffer overflow in drawc
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 8 Aug 2016 10:18:02 UTC
Severity: grave
Tags: patch, ...
Debian Bug report logs -
#832457
Fix psd file handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 2 ...
Debian Bug report logs -
#832504
Fix an out of bound in xcf file handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom ...
Debian Bug report logs -
#833099
CVE-2016-6491 buffer overflow
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Sun, 31 Jul 2016 20:30:02 UTC
Severity: grave
Tags: pa ...
Debian Bug report logs -
#832968
CVE-2016-5010: tiff file Out-of-bounds read
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Sat, 30 Jul 2016 09:21:03 UTC
Severity: ...
Debian Bug report logs -
#832789
Fix SEGV reported in profile handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> ...
Debian Bug report logs -
#833732
memory leak
Package:
src:imagemagick;
Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>;
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Mon, 8 Aug 2016 10:27:04 UTC
Severity: grave
Tags: patch, security
Fou ...
Debian Bug report logs -
#832474
Fix a heap buffer overflow in psd file handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gm ...
Debian Bug report logs -
#832633
Fix a pbd file out of bound access
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
...
Debian Bug report logs -
#832887
CVE-2016-4563 The TraceStrokePolygon function in MagickCore/drawc
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <r ...
Debian Bug report logs -
#832478
Fix meta file outofbound access
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Da ...
Debian Bug report logs -
#832776
Fix handling of psd file
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
Date: Thu ...
Debian Bug report logs -
#832467
Fix multiple out of bound problem
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom>
...
Debian Bug report logs -
#832791
Fix an out of bound access in pdb file handling
Package:
imagemagick;
Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon)
Reported by: Bastien ROUCARIES <roucariesbastien@gm ...