Debian Graphicsmagick vulnerabilities

142 known vulnerabilities affecting debian/graphicsmagick.

Total CVEs: 142
CISA KEV: 3 (actively exploited)
Public exploits: 9
Exploited in wild: 3
Severity breakdown: CRITICAL 17, HIGH 47, MEDIUM 56, LOW 22

Vulnerabilities

Page 5 of 8
CVE-2017-13648 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.27-1 (bookworm) - 2017
CVE-2017-13648 [MEDIUM] graphicsmagick - In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. Scope: local. bookworm: resolved (fixed in 1.3.27-1); bullseye: resolved (fixed in 1.3.27-1); forky: resolved (fixed in 1.3.27-1); sid: resolved (fixed in 1.3.27-1); trixie: resolved (fixed in 1.3.27-1)
debian
CVE-2017-11140 - LOW - CVSS 5.5 - fixed in graphicsmagick 1.3.26-3 (bookworm) - 2017
CVE-2017-11140 [MEDIUM] graphicsmagick - The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. Scope: local. bookworm: resolved (fixed in 1.3.26-3); bullseye: resolved (fixed in 1.3.26-3); forky: resolved (fixed in 1.3.2
CVE-2017-13776 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.26-8 (bookworm) - 2017
CVE-2017-13776 [MEDIUM] graphicsmagick - GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. Scope: local. bookworm: resolved (fixed in 1.3.26-8); bullseye: resolved (fixed
CVE-2017-13777 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.26-8 (bookworm) - 2017
CVE-2017-13777 [MEDIUM] graphicsmagick - GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. Scope: local. bookworm: resolved (fixed in 1.3.26-8); bullseye: resolved (fixed
CVE-2017-11139 - LOW - CVSS 9.8 - fixed in graphicsmagick 1.3.26-2 (bookworm) - 2017
CVE-2017-11139 [CRITICAL] graphicsmagick - GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. Scope: local. bookworm: resolved (fixed in 1.3.26-2); bullseye: resolved (fixed in 1.3.26-2); forky: resolved (fixed in 1.3.26-2); sid: resolved (fixed in 1.3.26-2); trixie: resolved (fixed in 1.3.26-2)
CVE-2017-13066 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.27-1 (bookworm) - 2017
CVE-2017-13066 [MEDIUM] graphicsmagick - GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. Scope: local. bookworm: resolved (fixed in 1.3.27-1); bullseye: resolved (fixed in 1.3.27-1); forky: resolved (fixed in 1.3.27-1); sid: resolved (fixed in 1.3.27-1); trixie: resolved (fixed in 1.3.27-1)
CVE-2017-14042 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.26-9 (bookworm) - 2017
CVE-2017-14042 [MEDIUM] graphicsmagick - A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. Scope: local. bookworm: resolved (fixed in 1.3.26-9); bullseye: resolved (fixed in 1.3.26-9); forky: reso
CVE-2017-13775 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.26-8 (bookworm) - 2017
CVE-2017-13775 [MEDIUM] graphicsmagick - GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. Scope: local. bookworm: resolved (fixed in 1.3.26-8); bullseye: resolved (fixed in 1.3.26-8); forky: resolved (fixed in 1.3.26-8); sid: resolved (fixed in
CVE-2017-14649 - LOW - CVSS 5.5 - fixed in graphicsmagick 1.3.26-12 (bookworm) - 2017
CVE-2017-14649 [MEDIUM] graphicsmagick - ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). Scope: local. bookworm: resolved (fixed in 1.3.26-12); bullseye: resolved (fixed in 1.3.26-12); forky: resolved (fixed in 1.3.26-12); sid: resolved (fixed in 1.3.
CVE-2017-13737 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.26-15 (bookworm) - 2017
CVE-2017-13737 [MEDIUM] graphicsmagick - There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. Scope: local. bookworm: resolved (fixed in 1.3.26-15); bullseye: resolved (fixed in 1.3.26-15); forky: resolved (fixed in 1.3.26-15); sid: resolved (fixed in 1.3.26-15); trixie: resolved (fixed in 1.3.26-15)
CVE-2017-13736 - LOW - CVSS 6.5 - 2017
CVE-2017-13736 [MEDIUM] graphicsmagick - There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. Scope: local. bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
CVE-2017-13147 - LOW - CVSS 8.8 - fixed in graphicsmagick 1.3.27-1 (bookworm) - 2017
CVE-2017-13147 [HIGH] graphicsmagick - In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. Scope: local. bookworm: resolved (fixed in 1.3.27-1); bullseye: resolved (fixed in 1.3.27-1); forky: resolved (fixed in 1.3.27-1); sid: resolved (fixed in 1.3.27-1); trixie: resolved
CVE-2017-14165 - LOW - CVSS 6.5 - fixed in graphicsmagick 1.3.26-9 (bookworm) - 2017
CVE-2017-14165 [MEDIUM] graphicsmagick - The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c. Scope: local. bookworm: resolved (fixed in 1.3.26-9); bullseye: resolved (fixed in 1.3.26-9); forky
CVE-2016-7996 - CRITICAL - CVSS 9.8 - fixed in graphicsmagick 1.3.21-2 (bookworm) - 2016
CVE-2016-7996 [CRITICAL] graphicsmagick - Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. Scope: local. bookworm: resolved (fixed in 1.3.21-2); bullseye: resolved (fixed in 1.3.21-2); forky: resolved (fixed in 1.3.21-2); sid: resolved (fixed in 1.3.21-2); trixie: res
CVE-2016-5118 - CRITICAL - CVSS 9.8 - fixed in graphicsmagick 1.3.24-1 (bookworm) - 2016
CVE-2016-5118 [CRITICAL] graphicsmagick - The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. Scope: local. bookworm: resolved (fixed in 1.3.24-1); bullseye: resolved (fixed in 1.3.24-1); forky: resolved (fixed in 1.3.24-1); sid: resolved (fixed in 1.3.24-1); trixie: resolve
CVE-2016-7447 - CRITICAL - CVSS 9.8 - fixed in graphicsmagick 1.3.25-1 (bookworm) - 2016
CVE-2016-7447 [CRITICAL] graphicsmagick - Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. Scope: local. bookworm: resolved (fixed in 1.3.25-1); bullseye: resolved (fixed in 1.3.25-1); forky: resolved (fixed in 1.3.25-1); sid: resolved (fixed in 1.3.25-1); trixie: resolved (fixed in 1.3.25
CVE-2016-5239 - CRITICAL - CVSS 9.8 - fixed in graphicsmagick 1.3.24-1 (bookworm) - 2016
CVE-2016-5239 [CRITICAL] graphicsmagick - The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. Scope: local. bookworm: resolved (fixed in 1.3.24-1); bullseye: resolved (fixed in 1.3.24-1); forky: resolved (fixed in 1.3.24-1); sid: resolved (fixed in 1.3.24-1); trixie: resolved (fixed in 1.3.24-1
CVE-2016-3714 - HIGH - CVSS 8.4 - KEV - PoC - fixed in graphicsmagick 1.3.24-1 (bookworm) - 2016
CVE-2016-3714 [HIGH] graphicsmagick - The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick." Scope: local. bookworm: resolved (fixed in 1.3.24-1); bullseye: resolved (fixed in 1.3.24-1); forky: r
CVE-2016-7449 - HIGH - CVSS 7.5 - fixed in graphicsmagick 1.3.25-1 (bookworm) - 2016
CVE-2016-7449 [HIGH] graphicsmagick - The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string. Scope: local. bookworm: resolved (fixed in 1.3.25-1); bullseye: resolved (fixed in 1.3.25-1); forky: resolved (fixed in 1.3.25-1); sid: resolved (fixed in 1.3.25-1); trixie:
CVE-2016-7448 - HIGH - CVSS 7.5 - fixed in graphicsmagick 1.3.25-1 (bookworm) - 2016
CVE-2016-7448 [HIGH] graphicsmagick - The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. Scope: local. bookworm: resolved (fixed in 1.3.25-1); bullseye: resolved (fixed in 1.3.25-1); forky: resolved (fixed in 1.3.25-1); sid: resolved (fixed