Changes between Initial Version and Version 3 of Ticket #7911


Ignore:
Timestamp:
06/04/2016 10:47:31 PM (9 years ago)
Author:
Douglas R. Reno
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #7911

    • Property Owner changed from blfs-book@… to Douglas R. Reno
    • Property Status newassigned

  • TabularUnified Ticket #7911 – Description

    initial v3  
    11Major security fixes.
     2
     3Security Issues:
     4
     5{{{
     6CVE-2015-8894 (tgs processing issue: Double free in coders/tga.c)
     7CVE-2015-8895
     8CVE-2015-8896 (integer truncation issue)
     9CVE-2016-5239 (ImageMagick, GraphicsMagick: Gnuplot delegate vulnerability allowing command injection).
     10CVE-2015-8897 (Out of bounds error in SpliceImage.)
     11CVE-2015-8898 (Prevent null pointer access in magick/constitute.c)
     12CVE-2014-9804 (Avoid a DoS in vision.c due to an infinite loop.)
     13CVE-2014-9805 (Avoid a SEGV due to a corrupted pnm file.)
     14CVE-2014-9806 (Do not leak fd due to corrupted file.)
     15CVE-2014-9807 (Fix a double free in pdb coder.)
     16CVE-2014-9808 (Fix a SEGV due to corrupted dpc images.)
     17CVE-2014-9809 (Fix a SEGV due to a corrupted xwd image.)
     18CVE-2014-9810 (Fix a SEGV in dpx file handler.)
     19CVE-2014-9811 (Fix a SEGV in malformed xwd file handler.)
     20CVE-2014-9812 (Avoid a NULL pointer dereference in ps file handling.)
     21CVE-2014-9813 (Fix a crash with corrupted viff file.)
     22CVE-2014-9814 (Fix a NULL pointer dererference in wpg file handling.)
     23CVE-2014-9815 (Do not continue on corrupted wpg file.)
     24CVE-2014-9816 (Avoid an out-of-bounds access in viff image.)
     25CVE-2014-9817 (Avoid a heap buffer overflow in pdb file handling.)
     26CVE-2014-9818 (Avoid an out of bounds access on malformed sun file.)
     27CVE-2014-9819 (Avoid heap overflow in palm files.)
     28CVE-2014-9820 (Avoid heap overflow in pnm files.)
     29CVE-2014-9821 (Avoid heap overflow in xpm files.)
     30CVE-2014-9822 (Fix heap overflow in quantum files.)
     31CVE-2014-9823 (Fix heap overflow in palm files.)
     32CVE-2014-9824 (Fix heap overflow in psd files.)
     33CVE-2014-9825 (Fix handling of corrupted psd file.)
     34CVE-2014-9826 (Fix handling of corrupted sun file.)
     35CVE-2014-9827 (Fix handling of corrupted xpm file.)
     36CVE-2014-9828 (Fix handling of corrupted (too many colors) psd file.)
     37CVE-2014-9829 (FIx out-of-bounds access in sun file.)
     38CVE-2014-9830 (Fix handling of corrupted sun file.)
     39CVE-2014-9831 (Fix handling of corrupted wpg file.)
     40CVE-2014-9832 (Fix heap overflow in pcx file.)
     41CVE-2014-9833 (Fix heap overflow in psd file.)
     42CVE-2014-9834 (Fix heap overflow in pict file.)
     43CVE-2014-9835 (Fix heap overflow in wpf file.)
     44CVE-2014-9836 (Fix heap overflow in xpm file.)
     45CVE-2014-9837 (Add additional PNM sanity checks.)
     46CVE-2014-9838 (Avoid a crash to out of memory in magick/cache.c)
     47CVE-2014-9839 (Fix a theoretical out-of-bounds access in magick/colormap-private.h)
     48CVE-2014-9840 (Fix an out-of-bounds access in palm file.)
     49CVE-2014-9841 (Fixed throwing of exceptions in psd handling.)
     50CVE-2014-9842 (Memory leak.)
     51CVE-2014-9843 (Fixed boundary checks in DecodePSDPixels.)
     52CVE-2014-9844 (Fixed another out-of-bound problem in rle file.)
     53CVE-2014-9845 (Fix crash due to corrupted dib file.)
     54CVE-2014-9846 (Added checks to prevent overflow in rle file.)
     55CVE-2014-9847 (Don't try to handle a "previous" image in the JNG decoder.)
     56CVE-2014-9848 (Avoid a memory leak in quantum management.)
     57CVE-2014-9849 (Avoid a crash in png coder.)
     58CVE-2014-9850
     59CVE-2014-9851 (In psd file handling fixed parsing resource block and avoid a crash.)
     60CVE-2014-9852 (In cache fix usage of object after it has been destroyed.)
     61CVE-2014-9853 (Avoid a memory leak in rle file handling.)
     62CVE-2014-9854
     63}}}