Bug 52999 - imagemagick: Multiple issues (4.4)
imagemagick: Multiple issues (4.4)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.4
All Linux
: P3 normal (vote)
: UCS 4.4-7-errata
Assigned To: Quality Assurance
Erik Damrose
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-03-29 09:29 CEST by Quality Assurance
Modified: 2021-03-31 18:36 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2021-03-29 09:29:22 CEST
New Debian imagemagick 8:6.9.7.4+dfsg-11+deb9u12 fixes:
This update addresses the following issues:
* outside the range of representable values of type int and signed integer  overflow in MagickCore/histogram.c (CVE-2020-25666)
* outside the range of representable values of type 'long' and integer  overflow at MagickCore/transform.c and MagickCore/image.c (CVE-2020-25675)
* outside the range of representable values of type 'long' and integer  overflow at MagickCore/pixel.c and MagickCore/cache.c (CVE-2020-25676)
* outside the range of representable values of type 'long' and signed integer  overflow at MagickCore/quantize.c (CVE-2020-27754)
* outside the range of representable values of type 'unsigned long long' at  MagickCore/quantum-private.h (CVE-2020-27757)
* outside the range of representable values of type 'unsigned long long' at  coders/txt.c (CVE-2020-27758)
* outside the range of representable values of type 'int' at  MagickCore/quantize.c (CVE-2020-27759)
* outside the range of representable values of type 'unsigned long' at  coders/palm.c (CVE-2020-27761)
* outside the range of representable values of type 'unsigned char' at  coders/hdr.c (CVE-2020-27762)
* outside the range of representable values of type 'unsigned long' at  MagickCore/statistic.c (CVE-2020-27764)
* outside the range of representable values of type 'unsigned long' at  MagickCore/statistic.c (CVE-2020-27766)
* outside the range of representable values of type 'float' at  MagickCore/quantum.h (CVE-2020-27767)
* outside the range of representable values of type 'unsigned int' at  MagickCore/quantum-private.h (CVE-2020-27768)
* outside the range of representable values of type 'float' at  MagickCore/quantize.c (CVE-2020-27769)
* unsigned offset overflowed at MagickCore/string.c (CVE-2020-27770)
* outside the range of representable values of type 'unsigned char' at  coders/pdf.c (CVE-2020-27771)
* outside the range of representable values of type 'unsigned int' at  coders/bmp.c (CVE-2020-27772)
* integer overflow at MagickCore/statistic.c (CVE-2020-27774)
* outside the range of representable values of type 'unsigned char' at  MagickCore/quantum.h (CVE-2020-27775)
* processing crafted file leads to division by zero (CVE-2021-20176)
* Division by zero in WriteJP2Image() in coders/jp2.c (CVE-2021-20241)
* Division by zero in ImplodeImage in MagickCore/visual-effects.c  (CVE-2021-20244)
* Division by zero in ScaleResampleFilter in MagickCore/resample.c  (CVE-2021-20246)
Comment 1 Quality Assurance univentionstaff 2021-03-29 10:00:41 CEST
--- mirror/ftp/4.4/unmaintained/component/4.4-7-errata/source/imagemagick_6.9.7.4+dfsg-11+deb9u11.dsc
+++ apt/ucs_4.4-0-errata4.4-7/source/imagemagick_6.9.7.4+dfsg-11+deb9u12.dsc
@@ -1,3 +1,16 @@
+8:6.9.7.4+dfsg-11+deb9u12 [Tue, 23 Mar 2021 20:06:24 +0100] Markus Koschany <apo@debian.org>:
+
+  * Non-maintainer upload by the LTS team.
+  * Fix CVE-2020-25666, CVE-2020-25675, CVE-2020-25676, CVE-2020-27754,
+    CVE-2020-27757, CVE-2020-27758, CVE-2020-27761, CVE-2020-27762,
+    CVE-2020-27764, CVE-2020-27766, CVE-2020-27774, CVE-2020-27767,
+    CVE-2020-27768, CVE-2020-27769, CVE-2020-27770, CVE-2020-27771,
+    CVE-2020-27772, CVE-2020-27775, CVE-2021-20176, CVE-2021-20241,
+    CVE-2021-20244, CVE-2021-20246 and CVE-2020-27759.
+  * Multiple security vulnerabilities were fixed in Imagemagick. Missing or
+    incomplete input sanitising may lead to undefined behavior which can result
+    in denial of service (application crash) or other unspecified impact.
+
 8:6.9.7.4+dfsg-11+deb9u11 [Mon, 11 Jan 2021 16:13:15 +0100] Sylvain Beucler <beuc@debian.org>:
 
   * Non-maintainer upload by the LTS team.

<http://piuparts.knut.univention.de/4.4-7/#2881453931038115791>
Comment 2 Erik Damrose univentionstaff 2021-03-31 09:52:25 CEST
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-7] c51cbcd6ec Bug #52999: imagemagick 8:6.9.7.4+dfsg-11+deb9u12
 doc/errata/staging/imagemagick.yaml | 75 +++++++++++++++++++++++++++++++++++++
 1 file changed, 75 insertions(+)