Release date:
2022-03-24 17:15:09 UTC
Description:
* SECURITY UPDATE: Crash if image dimensions are too large
- debian/patches/CVE-2017-13144-*.patch: Fix memory leak in MPC image
format
- CVE-2017-13144
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2020-19667.patch: Zero-out memory before use
- CVE-2020-19667
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2020-25664.patch: Expand virtual memory allocation
by 256 bytes
- CVE-2020-25664
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2020-25665.patch: Expand virtual memory allocation
by 256 bytes
- CVE-2020-25665
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2020-25674.patch: Properly calculate upper limit
for color loop
- CVE-2020-25674
* SECURITY UPDATE: Signed integer overflows
- debian/patches/CVE-2020-25676.patch: Constrain pixel offsets
in magick/pixel.c
- CVE-2020-25676
* SECURITY UPDATE: Division by zero
- debian/patches/CVE-2020-27750.patch: Replace division by multiplication
in magick/colorspace-private.h
- CVE-2020-27750
* SECURITY UPDATE: Memory leaks
- debian/patches/CVE-2020-27753.patch: Fix memory handling
in coders/miff.c
- CVE-2020-27753
* SECURITY UPDATE: Division by zero
- debian/patches/CVE-2020-27760.patch: Fix division by zeros
in magick/enhance.c
- CVE-2020-27760
* SECURITY UPDATE: Outside the range of representable values
- debian/patches/CVE-2020-27762.patch: Adds consistency checks
in coders/hdr.c
- CVE-2020-27762
* SECURITY UPDATE: Unsigned int overflow
- debian/patches/CVE-2020-27770.patch: Guard against underflow when
decrement value in magick/string.c
- CVE-2020-27770
Updated packages:
-
imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:6f6506f00864fe57341900bdbcea0802039605e1
-
imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:188445b562fb794919093fa3408f7576ac95c749
-
imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:47a1cc1f02c38467c052bf09a51deccd63cfb761
-
imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:6777baac1a11405af6bcd10a8efd807d1c49f9ac
-
libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:23c24dc35fe268e3c73b4a6fb2cfc031092e7a71
-
libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:6f31c040f168a67003e0c0d6d393e5d7b8b7874b
-
libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:e8733b8a52b4e5476a8d5dc97d241f2f40c2f524
-
libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:7335a538b55f98fa0c5cd119ca471be22d94504b
-
libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:e4f86790e23ee44c4bc1f98752753a843e2e6b4e
-
libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:c15c3cf6b21e98b63d3c536246c34f3be2210d28
-
libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:2c76f7e6edd7b994d168b094d850f574979c5123
-
libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:11d955d860c946753d1ede8f9c039b229bc9b04c
-
libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:82173437aad7e472196d185350e70324c307a2e8
-
libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:255a2247255f6d9006ec46cb0ec70be0021c33e8
-
libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:65f57ff544a428bf45e310a28f4dbb81b744ed93
-
libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:17c8036d1ac7ceb0b9f00edeb01da132eccddbc4
-
libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:498f99ed864b926240f79d3e11eecf0475eb17e4
-
libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:0ca2a7533d1a6d7159631a4c88b84cce4fde143c
-
libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb
sha:019d1a7dcd0c77b72edd88676e445e694fd68923
-
libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:33403f199aec61c5da62a61046248150e969908b
-
perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb
sha:c56c885de9d0cf0633de16e9cc21085c61afceb4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.