/[advisories]/24614.adv
ViewVC logotype

Contents of /24614.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8462 - (show annotations) (download)
Wed Apr 10 20:41:17 2019 UTC (4 months, 1 week ago) by tmb
File size: 778 byte(s)
MGASA-2019-0142: imagemagick-6.9.10.36-1.mga6
1 type: security
2 subject: Updated imagemagick packages fix security vulnerability
3 CVE:
4 - CVE-2019-10649
5 - CVE-2019-10650
6 src:
7 6:
8 core:
9 - imagemagick-6.9.10.36-1.mga6
10 description: |
11 In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function
12 SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a
13 denial of service via a crafted image file. (CVE-2019-10649)
14
15 In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the
16 function WriteTIFFImage of coders/tiff.c, which allows an attacker to
17 cause a denial of service or information disclosure via a crafted image
18 file. (CVE-2019-10650)
19 references:
20 - https://bugs.mageia.org/show_bug.cgi?id=24614
21 - https://www.imagemagick.org/script/changelog.php
22 ID: MGASA-2019-0142

  ViewVC Help
Powered by ViewVC 1.1.26