Bug 47486 - imagemagick: Multiple issues (4.3)
imagemagick: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.3
All Linux
: P3 normal (vote)
: UCS 4.3-1-errata
Assigned To: Quality Assurance
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-08-08 07:41 CEST by Quality Assurance
Modified: 2018-08-15 13:14 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 5.3 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2018-08-08 07:41:37 CEST
New Debian imagemagick 8:6.9.7.4+dfsg-11+deb9u5 fixes:
This update addresses the following issue(s):
* 
CVE_2005-0406 is open
CVE_2008-3134 is open
CVE_2016-8678 is open
CVE_2017-6502 is open
CVE_2017-7275 is open
CVE_2017-11531 is open
CVE_2017-11532 is open
CVE_2017-11534 is open
CVE_2017-11536 is open
CVE_2017-11539 is open
CVE_2017-11644 is open
CVE_2017-11724 is open
CVE_2017-11751 is open
CVE_2017-11752 is open
CVE_2017-11754 is open
CVE_2017-11755 is open
CVE_2017-12140 is open
CVE_2017-12418 is open
CVE_2017-12427 is open
CVE_2017-12429 is open
CVE_2017-12430 is open
CVE_2017-12433 is open
CVE_2017-12435 is open
CVE_2017-12563 is open
CVE_2017-12564 is open
CVE_2017-12565 is open
CVE_2017-12566 is open
CVE_2017-12641 is open
CVE_2017-12642 is open
CVE_2017-12643 is open
CVE_2017-12644 is open
CVE_2017-12654 is open
CVE_2017-12662 is open
CVE_2017-12663 is open
CVE_2017-12664 is open
CVE_2017-12665 is open
CVE_2017-12666 is open
CVE_2017-12667 is open
CVE_2017-12668 is open
CVE_2017-12669 is open
CVE_2017-12670 is open
CVE_2017-12672 is open
CVE_2017-12673 is open
CVE_2017-12674 is open
CVE_2017-12675 is open
CVE_2017-12676 is open
CVE_2017-12691 is open
CVE_2017-12692 is open
CVE_2017-12693 is open
CVE_2017-12875 is open
CVE_2017-13058 is open
CVE_2017-13059 is open
CVE_2017-13060 is open
CVE_2017-13061 is open
CVE_2017-13062 is open
CVE_2017-13131 is open
CVE_2017-13133 is open
CVE_2017-13146 is open
CVE_2017-13658 is open
CVE_2017-13768 is open
CVE_2017-14060 is open
CVE_2017-14137 is open
CVE_2017-14138 is open
CVE_2017-14139 is open
CVE_2017-14172 is open
CVE_2017-14173 is open
CVE_2017-14174 is open
CVE_2017-14175 is open
CVE_2017-14249 is open
CVE_2017-14324 is open
CVE_2017-14325 is open
CVE_2017-14326 is open
CVE_2017-14341 is open
CVE_2017-14342 is open
CVE_2017-14343 is open
CVE_2017-14400 is open
CVE_2017-14505 is open
CVE_2017-14528 is open
CVE_2017-14531 is open
CVE_2017-14532 is open
CVE_2017-14533 is open
CVE_2017-14624 is open
CVE_2017-14625 is open
CVE_2017-14626 is open
CVE_2017-14684 is open
CVE_2017-14739 is open
CVE_2017-14741 is open
CVE_2017-15015 is open
CVE_2017-15016 is open
CVE_2017-15017 is open
CVE_2017-15032 is open
CVE_2017-15033 is open
CVE_2017-15217 is open
CVE_2017-15218 is open
CVE_2017-15281 is open
CVE_2017-17680 is open
CVE_2017-17681 is open
CVE_2017-17682 is open
CVE_2017-17880 is open
CVE_2017-17881 is open
CVE_2017-17882 is open
CVE_2017-17883 is open
CVE_2017-17884 is open
CVE_2017-17885 is open
CVE_2017-17886 is open
CVE_2017-17887 is open
CVE_2017-17914 is open
CVE_2017-17934 is open
CVE_2017-18008 is open
CVE_2017-18022 is open
CVE_2017-18027 is open
CVE_2017-18028 is open
CVE_2017-18029 is open
CVE_2017-18209 is open
CVE_2017-18211 is open
CVE_2017-18251 is open
CVE_2017-18252 is open
CVE_2017-18254 is open
CVE_2017-18271 is open
CVE_2017-18273 is open
CVE_2017-1000445 is open
CVE_2017-1000476 is open
CVE_2018-5246 is open
CVE_2018-5247 is open
* In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. (CVE-2018-5248)
CVE_2018-5357 is open
CVE_2018-5358 is open
CVE_2018-6405 is open
CVE_2018-7443 is open
CVE_2018-7470 is open
CVE_2018-8804 is open
CVE_2018-8960 is open
CVE_2018-9133 is open
CVE_2018-9135 is open
CVE_2018-10177 is open
CVE_2018-10804 is open
CVE_2018-10805 is open
* In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. (CVE-2018-11251)
CVE_2018-11655 is open
CVE_2018-11656 is open
* In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. (CVE-2018-12599)
* In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. (CVE-2018-12600)
CVE_2018-13153 is open
CVE_2018-14434 is open
CVE_2018-14435 is open
CVE_2018-14436 is open
CVE_2018-14437 is open
CVE_2018-14551 is open
TEMP-0869722-31618B is open

8:6.9.7.4+dfsg-11+deb9u5 (Fri, 13 Jul 2018 00:04:11 +0200) * 0113-CVE-2018-12599 * 0114-CVE-2018-11251 * 0115-CVE-2018-12600 * 0116-CVE-2018-5248
* CVE-2018-5248 ImageMagick: Heap-based buffer over-read in the ReadSIXELImage function in coders/sixel.c (CVE-2018-5248)
* CVE-2018-11251 ImageMagick: heap-based buffer over-read in ReadSUNImage in coders/sun.c (CVE-2018-11251)
* CVE-2018-12599 ImageMagick: out of bounds write in ReadBMPImage and WriteBMPImage in coders/bmp.c (CVE-2018-12599)
* CVE-2018-12600 ImageMagick: out of bounds write ReadDIBImage and WriteDIBImage in coders/dib.c (CVE-2018-12600)
Comment 1 Quality Assurance univentionstaff 2018-08-08 19:08:29 CEST
--- mirror/ftp/4.3/unmaintained/4.3-0/source/imagemagick_6.9.7.4+dfsg-11+deb9u4.dsc
+++ apt/ucs_4.3-0-errata4.3-1/source/imagemagick_6.9.7.4+dfsg-11+deb9u5.dsc
@@ -1,3 +1,10 @@
+8:6.9.7.4+dfsg-11+deb9u5 [Fri, 13 Jul 2018 00:04:11 +0200] Moritz Mühlenhoff <jmm@debian.org>:
+
+  * 0113-CVE-2018-12599 (Closes: #902727)
+  * 0114-CVE-2018-11251 
+  * 0115-CVE-2018-12600 (Closes: #902728)
+  * 0116-CVE-2018-5248 (Closes: #886588)
+
 8:6.9.7.4+dfsg-11+deb9u4 [Tue, 26 Dec 2017 12:24:39 +0000] Moritz Muehlenhoff <jmm@debian.org>:
 
   * CVE-2017-12877 (Closes: #872373)

<http://10.200.17.11/4.3-1/#2927392920417374296>
Comment 2 Philipp Hahn univentionstaff 2018-08-09 09:50:54 CEST
OK: patches
REDO: piuparts
OK: yaml
OK: errata-announce imagemagick.yaml

[4.3-1] fc1fec8ceb Bug #47486: imagemagick 8:6.9.7.4+dfsg-11+deb9u5
 doc/errata/staging/imagemagick.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

[4.3-1] 6aa9426dae Bug #47486: imagemagick 8:6.9.7.4+dfsg-11+deb9u5
 doc/errata/staging/imagemagick.yaml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
Comment 3 Quality Assurance univentionstaff 2018-08-09 10:48:41 CEST
--- mirror/ftp/4.3/unmaintained/4.3-0/source/imagemagick_6.9.7.4+dfsg-11+deb9u4.dsc
+++ apt/ucs_4.3-0-errata4.3-1/source/imagemagick_6.9.7.4+dfsg-11+deb9u5.dsc
@@ -1,3 +1,10 @@
+8:6.9.7.4+dfsg-11+deb9u5 [Fri, 13 Jul 2018 00:04:11 +0200] Moritz Mühlenhoff <jmm@debian.org>:
+
+  * 0113-CVE-2018-12599 (Closes: #902727)
+  * 0114-CVE-2018-11251 
+  * 0115-CVE-2018-12600 (Closes: #902728)
+  * 0116-CVE-2018-5248 (Closes: #886588)
+
 8:6.9.7.4+dfsg-11+deb9u4 [Tue, 26 Dec 2017 12:24:39 +0000] Moritz Muehlenhoff <jmm@debian.org>:
 
   * CVE-2017-12877 (Closes: #872373)

<http://10.200.17.11/4.3-1/#2927392920417374296>
Comment 4 Philipp Hahn univentionstaff 2018-08-09 10:49:09 CEST
OK: piuparts
Comment 5 Arvid Requate univentionstaff 2018-08-15 13:14:40 CEST
<http://errata.software-univention.de/ucs/4.3/182.html>