oss-sec mailing list archives
CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
From: Salvatore Bonaccorso <carnil () debian org>
Date: Sun, 7 Aug 2016 17:12:15 +0200
Hi Bastien Roucaries (who is as well one of the Debian maintainers for imagemagick), reported recently bugs (of which part are split up from the original https://bugs.debian.org/823750) into single ones for trackability. I tried to keep the format, in first referenging the bug in the Debian bugtracker, and then giving additional references which were provided by Bastien in the corresponding bug. Could you assing CVEs for those item, to identify the issues across distributions as well? off-by-one error leading to segfault: Debian Bug: https://bugs.debian.org/832455 Additional references: ---------------------- https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723 out-of-bounds read in coders/psd.c: Debian Bug: https://bugs.debian.org/832457 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1533442 https://github.com/ImageMagick/ImageMagick/issues/83 https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1 rle file handling for corrupted file: Debian Bug: https://bugs.debian.org/832461 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1533445 https://github.com/ImageMagick/ImageMagick/issues/82 https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1 buffer overflow in sun file handling: Debian Bug: https://bugs.debian.org/832464 Additional references: ---------------------- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838 https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4 potential DOS in sun file handling due to malformed files: Debian Bug: https://bugs.debian.org/832465 Additional references: ---------------------- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857 https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75 https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961 https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105 out of bunds problem in rle, pict, viff and sun files: Debian Bug: https://bugs.debian.org/832467 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1533452 https://github.com/ImageMagick/ImageMagick/issues/77 https://bugs.launchpad.net/bugs/1533449 https://github.com/ImageMagick/ImageMagick/issues/80 https://bugs.launchpad.net/bugs/1533447 https://github.com/ImageMagick/ImageMagick/issues/81 https://bugs.launchpad.net/bugs/1533445 https://github.com/ImageMagick/ImageMagick/issues/82 heap overflow in hdr file handling: Debian Bug: https://bugs.debian.org/832469 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1537213 https://github.com/ImageMagick/ImageMagick/issues/90 https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556 heap buffer overflow in psd file handling: Debian Bug: https://bugs.debian.org/832474 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1537418 https://github.com/ImageMagick/ImageMagick/issues/92 https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4 out of bound access for malformed psd file: Debian Bug: https://bugs.debian.org/832475 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1537419 https://github.com/ImageMagick/ImageMagick/issues/93 https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58 meta file out of bound access: Debian Bug: https://bugs.debian.org/832478 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1537420 https://github.com/ImageMagick/ImageMagick/issues/96 https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6 https://github.com/ImageMagick/ImageMagick/commit/5a34d7ac889bd6645f6cfd164636e3efb56dbb2f heap buffer overflow in psd file coder: Debian Bug: https://bugs.debian.org/832480 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1537424 https://github.com/ImageMagick/ImageMagick/issues/98 https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8 out of bound access in wpg file coder: Debian Bug: https://bugs.debian.org/832482 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1539050 https://bugs.launchpad.net/bugs/1542115 https://github.com/ImageMagick/ImageMagick/issues/102 https://github.com/ImageMagick/ImageMagick/issues/122 https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7 https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599 https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41 out of bound access for viff file coder: Debian Bug: https://bugs.debian.org/832483 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1537425 https://github.com/ImageMagick/ImageMagick/issues/99 https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135 out of bound access in xcf file coder: Debian Bug: https://bugs.debian.org/832504 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1539051 https://bugs.launchpad.net/bugs/1539052 https://github.com/ImageMagick/ImageMagick/issues/104 https://github.com/ImageMagick/ImageMagick/issues/103 https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c out of bound in quantum handling: Debian Bug: https://bugs.debian.org/832506 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1539067 https://bugs.launchpad.net/bugs/1539053 https://github.com/ImageMagick/ImageMagick/issues/105 https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70 https://github.com/ImageMagick/ImageMagick/issues/110 https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3 pbd file out of bound access: Debian Bug: https://bugs.debian.org/832633 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1539061 https://bugs.launchpad.net/bugs/1542112 https://github.com/ImageMagick/ImageMagick/issues/107 Fix handling of corrupted psd file: Debian Bug: https://bugs.debian.org/832776 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1539066 https://github.com/ImageMagick/ImageMagick/issues/109 wpg file out of bound for corrupted file: Debian Bug: https://bugs.debian.org/832780 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1542114 https://github.com/ImageMagick/ImageMagick/issues/120 https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a out of bound access in generic decoder: Debian Bug: https://bugs.debian.org/832785 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1542785 https://github.com/ImageMagick/ImageMagick/issues/126 https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd out of bound access for corrupted psd file: Debian Bug: https://bugs.debian.org/832787 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1545180 https://github.com/ImageMagick/ImageMagick/issues/128 SEGV reported in corrupted profile handling: Debian Bug: https://bugs.debian.org/832789 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1545367 https://github.com/ImageMagick/ImageMagick/issues/130 https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453 out of bound access for corrupted pdb file: Debian Bug: https://bugs.debian.org/832791 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1553366 https://github.com/ImageMagick/ImageMagick/issues/143 https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f SIGABRT for corrupted pdb file: Debian Bug: https://bugs.debian.org/832793 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1556273 https://github.com/ImageMagick/ImageMagick/issues/148 https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472 DOS due to corrupted DDS files: Debian Bug: https://bugs.debian.org/832944 Additional references: ---------------------- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861 https://github.com/ImageMagick/ImageMagick/commit/93ab016764c7f787829d9065440d86f5609765110 https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4 DOS due to corrupted DDS files: Debian Bug: https://bugs.debian.org/832942 Additional references: ---------------------- https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52 https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2 potential DOS by not releasing memory: Debian Bug: https://bugs.debian.org/833101 Additional references: ---------------------- Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946 writing to rgf format aborts: Debian Bug: https://bugs.debian.org/827643 Additional references: ---------------------- https://bugs.launchpad.net/bugs/1594060 https://github.com/ImageMagick/ImageMagick/pull/223 Regards, Salvatore
Current thread:
- CVE Requests: Various ImageMagick issues (as reported in the Debian BTS) Salvatore Bonaccorso (Aug 07)
- Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS) cve-assign (Sep 21)