GraphicsMagick 1.3.25 has been announced with some security fixes:
http://www.openwall.com/lists/oss-security/2016/09/07/4

I believe the first issue is the upstream patch2 added in the previous update, but the other issues are new fixes (looks like all DoS issues).

Freeze push requested for Cauldron, update checked into Mageia 5 SVN.

(In reply to David Walser from comment #0)
> Freeze push requested for Cauldron, update checked into Mageia 5 SVN.

Assigning to you, then ;-)

CC: (none) => marja11
Assignee: bugsquad => luigiwalser
Updated packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

Updated graphicsmagick packages fix security vulnerabilities:

A possible heap overflow of the EscapeParenthesis() function.

The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU.

The TIFF reader had a bug pertaining to use of TIFFGetField() when a 'count' value is returned. The bug caused a heap read overflow (due to using strlcpy() to copy a possibly unterminated string) which could allow an untrusted file to crash the software.

References:
http://www.openwall.com/lists/oss-security/2016/09/07/4
========================

Updated packages in core/updates_testing:
========================
graphicsmagick-1.3.25-1.mga5
libgraphicsmagick3-1.3.25-1.mga5
libgraphicsmagick++12-1.3.25-1.mga5
libgraphicsmagickwand2-1.3.25-1.mga5
libgraphicsmagick-devel-1.3.25-1.mga5
perl-Graphics-Magick-1.3.25-1.mga5
graphicsmagick-doc-1.3.25-1.mga5

from graphicsmagick-1.3.25-1.mga5.src.rpm
Assignee: luigiwalser => qa-bugs
MGA5-32 on Acer D620 Xfce

No installation issues.

Used CLI
gm display <some jpeg>
gm convert xxxx.jpg xxxx.png
all with success
CC: (none) => herman.viaene
Whiteboard: (none) => MGA5-32-OK
URL: (none) => http://lwn.net/Vulnerabilities/700838/
CVEs assigned:
http://openwall.com/lists/oss-security/2016/09/18/8

Advisory:
========================

Updated graphicsmagick packages fix security vulnerabilities:

A possible heap overflow of the EscapeParenthesis() function (CVE-2016-7447).

The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU (CVE-2016-7448).

The TIFF reader had a bug pertaining to use of TIFFGetField() when a 'count' value is returned. The bug caused a heap read overflow (due to using strlcpy() to copy a possibly unterminated string) which could allow an untrusted file to crash the software (CVE-2016-7449).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7449
http://openwall.com/lists/oss-security/2016/09/18/8
Summary: graphicsmagick new security issues fixed upstream in 1.3.25 => graphicsmagick new security issues fixed upstream in 1.3.25 (CVE-2016-744[7-9])
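
The TIFF item in the advisory above comes down to strlcpy() measuring its source up to a terminating NUL, so a field that arrives with a 'count' and no terminator is read past its end. A count-bounded copy, as an added example that is not part of this bug report and not GraphicsMagick's code (the helper name copy_counted_field and the sample bytes are assumptions constructed for illustration):

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not GraphicsMagick code): copy a counted field that
 * may lack a terminating NUL into dst, never reading past src[count - 1]
 * and always leaving dst NUL-terminated.
 * Returns the number of bytes copied, excluding the terminator. */
size_t copy_counted_field(char *dst, size_t dstsize,
                          const char *src, size_t count)
{
    const char *nul;
    size_t len;

    if (dst == NULL || dstsize == 0)
        return 0;
    if (src == NULL || count == 0) {
        dst[0] = '\0';
        return 0;
    }
    /* Search for a terminator only inside the 'count' bytes the reader
     * reported; strlen()/strlcpy() would keep scanning beyond them. */
    nul = memchr(src, '\0', count);
    len = nul ? (size_t)(nul - src) : count;
    if (len > dstsize - 1)
        len = dstsize - 1;              /* truncate to fit the destination */
    memcpy(dst, src, len);
    dst[len] = '\0';
    return len;
}

int main(void)
{
    /* Constructed sample: a 4-byte field with no NUL, followed by
     * unrelated bytes that must not leak into the copy. */
    const char raw[8] = { 'A', 'B', 'C', 'D', 'X', 'X', 'X', 'X' };
    char out[16];
    size_t n = copy_counted_field(out, sizeof out, raw, 4);

    printf("%zu bytes: \"%s\"\n", n, out);
    return 0;
}
```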
Keywords: (none) => validated_update
Whiteboard: MGA5-32-OK => MGA5-32-OK advisory
CC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0325.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED