Univention Bugzilla – Bug 49366
imagemagick: Multiple issues (4.3)
Last modified: 2019-05-02 12:35:03 CEST
New Debian imagemagick 8:6.9.7.4+dfsg-11+deb9u7 fixes: This update addresses the following issues: * stack-based buffer overflow in function PopHexPixel in coders/ps.c (CVE-2019-9956) * heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file (CVE-2019-10650)
--- mirror/ftp/4.3/unmaintained/4.3-3/source/imagemagick_6.9.7.4+dfsg-11+deb9u6.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/imagemagick_6.9.7.4+dfsg-11+deb9u7.dsc @@ -1,3 +1,8 @@ +8:6.9.7.4+dfsg-11+deb9u7 [Thu, 25 Apr 2019 21:05:09 +0200] Moritz Mühlenhoff <jmm@debian.org>: + + * CVE-2019-10650 (Closes: #926091) + * CVE-2019-9956 (Closes: #925395) + 8:6.9.7.4+dfsg-11+deb9u6 [Thu, 11 Oct 2018 00:09:33 +0200] Moritz Mühlenhoff <jmm@debian.org>: * CVE-2018-16412 <http://10.200.17.11/4.3-4/#2927392920419539346>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-4] 0a35fd47c8 Bug #49366: imagemagick 8:6.9.7.4+dfsg-11+deb9u7 doc/errata/staging/imagemagick.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) [4.3-4] 6b2f52f1d2 Bug #49366: imagemagick 8:6.9.7.4+dfsg-11+deb9u7 doc/errata/staging/imagemagick.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
<http://errata.software-univention.de/ucs/4.3/485.html>