Debian Graphicsmagick vulnerabilities

CVE-2019-11010 [MEDIUM] CVE-2019-11010: graphicsmagick - In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the functi... In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. Scope: local bookworm: resolved (fixed in 1.4~hg15968-1) bullseye: resolved (fixed in 1.4~hg15968-1) forky: resolved (fixed in 1.4~hg15968-1) sid: resolved (fixed in 1.

CVE-2019-16709 [MEDIUM] CVE-2019-16709: graphicsmagick - ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCrea... ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. Scope: local bookworm: resolved (fixed in 1.4+really1.3.33+hg16117-1) bullseye: resolved (fixed in 1.4+really1.3.33+hg16117-1) forky: resolved (fixed in 1.4+really1.3.33+hg16117-1) sid: resolved (fixed in 1.4+really1.3.33+hg16117-1) trixie: resolved (fixed in 1.4+really

CVE-2019-7397 [HIGH] CVE-2019-7397: graphicsmagick - In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory... In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. Scope: local bookworm: resolved (fixed in 1.4~hg15896-1) bullseye: resolved (fixed in 1.4~hg15896-1) forky: resolved (fixed in 1.4~hg15896-1) sid: resolved (fixed in 1.4~hg15896-1) trixie: resolved (fixed in 1.4~hg15896-1)

CVE-2018-6799 [HIGH] CVE-2018-6799: graphicsmagick - The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before ... The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. Scope: local bookworm: resolved (fixed in 1.3.28-1) bullseye: resolved (fixed in 1.3.28-1) forky

CVE-2018-5685 [MEDIUM] CVE-2018-5685: graphicsmagick - In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ... In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value. Scope: local bookworm: resolved (fixed in 1.3.27-4) bullseye: resolved (fixed in 1.3.27-4) forky: resolved (

CVE-2018-20184 [MEDIUM] CVE-2018-20184: graphicsmagick - In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflo... In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification. Scope: local bookworm: resolved (fixed in 1.4~hg158

CVE-2018-20185 [MEDIUM] CVE-2018-20185: graphicsmagick - In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-... In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. Scope: local bookworm: resolved (fixed in 1.4~hg15880-1) bul

CVE-2018-9018 [MEDIUM] CVE-2018-9018: graphicsmagick - In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function... In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. Scope: local bookworm: resolved (fixed in 1.3.28-2) bullseye: resolved (fixed in 1.3.28-2) forky: resolved (fixed in 1.3.28-2) sid: resolved (fixed i

CVE-2018-20189 [MEDIUM] CVE-2018-20189: graphicsmagick - In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulner... In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. Scope: local bookworm: resolved (fixed in 1.4~hg15873

CVE-2018-18544 [MEDIUM] CVE-2018-18544: graphicsmagick - There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMag... There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. Scope: local bookworm: resolved (fixed in 1.3.31-1) bullseye: resolved (fixed in 1.3.31-1) forky: resolved (fixed in 1.3.31-1) sid: resolved (fixed in 1.3.31-1) trixie: resolved

CVE-2017-11637 [CRITICAL] CVE-2017-11637: graphicsmagick - GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() func... GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. Scope: local bookworm: resolved (fixed in 1.3.26-4) bullseye: resolved (fixed in 1.3.26-4) forky: resolved (fixed in 1.3.26-4) sid: resolved (fixed in 1.3.26-4) trixie: resolved (fixed in 1.3.26-4)

CVE-2017-11643 [CRITICAL] CVE-2017-11643: graphicsmagick - GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in co... GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. Scope: local bookworm: resolved (fixed in 1.3.26-4) bullseye: resolved (fixed in 1.3.26-4) forky: resolved (fixed in 1.3.26-4) sid: resolved (fixed in 1.3.26-4) trixie: resolved (fixed in 1.3.26-4)

CVE-2017-11641 [CRITICAL] CVE-2017-11641: graphicsmagick - GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/p... GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. Scope: local bookworm: resolved (fixed in 1.3.26-4) bullseye: resolved (fixed in 1.3.26-4) forky: resolved (fixed in 1.3.26-4) sid: resolved (fixed in 1.3.26-4) trixie: resolved (fixed in 1.3.26-4)

CVE-2017-11636 [CRITICAL] CVE-2017-11636: graphicsmagick - GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in cod... GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. Scope: local bookworm: resolved (fixed in 1.3.26-4) bullseye: resolved (fixed in 1.3.26-4) forky: resolved (fixed in 1.3.26-4) sid: resolved (fixed in 1.3.26-4) trixie: resolved (fixed in 1.3.26-4)

CVE-2017-16545 [HIGH] CVE-2017-16545: graphicsmagick - The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not prop... The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image. Scope: local bookworm: resolved (fixed in 1.3.26-18) bulls

CVE-2017-12935 [HIGH] CVE-2017-12935: graphicsmagick - The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles la... The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. Scope: local bookworm: resolved (fixed in 1.3.26-6) bullseye: resolved (fixed in 1.3.26-6) forky: resolved (fixed in 1.3.26-6) sid: resolved (fixed in 1.3.26-6) trixie: resol

CVE-2017-11102 [HIGH] CVE-2017-11102: graphicsmagick - The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows rem... The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. Scope: local bookworm: resolved (fixed in 1.3.26-2) bullseye: resolved (fixed in 1.3.26-2) forky: resolved (fixed in 1.3.26-2) sid: resolved (fixed in 1.

CVE-2017-12936 [HIGH] CVE-2017-12936: graphicsmagick - The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-aft... The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. Scope: local bookworm: resolved (fixed in 1.3.26-6) bullseye: resolved (fixed in 1.3.26-6) forky: resolved (fixed in 1.3.26-6) sid: resolved (fixed in 1.3.26-6) trixie: resolved (fixed in 1.3.26-6)

CVE-2017-16669 [HIGH] CVE-2017-16669: graphicsmagick - coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial ... coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c. Scope: local bookworm: resolved (fixed in 1.3.26-19) bullseye: resolved (fixed in 1.3.26-1

CVE-2017-17782 [HIGH] CVE-2017-17782: graphicsmagick - In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGI... In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. Scope: local bookworm: resolved (fixed in 1.3.27-2) bullseye: resolved (fixed in 1.3.27-2) forky: resolved (fixed in 1.3.27-2) sid: resolved (fixed in 1.3.27-2) trixie: resolved (fixed in 1.3.27-2)