Errata overview
Errata ID 455
Date 2018-08-15
Source package imagemagick
Fixed in version 8:6.8.9.9-5+deb8u13
Description
This update addresses the following issues:
* Out-of-bounds heap read in mng_get_long function (CVE-2017-10995)
* Heap-buffer over-read in the WriteUILImage() function (CVE-2017-11533)
* Heap-based buffer over-read in the WritePSImage() function (CVE-2017-11535)
* Heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c
  (CVE-2017-11639)
* Use of uninitialized data in the ReadMATImage function in coders/mat.c
  (CVE-2017-13143)
* Heap-based buffer overflow in Magick_png_read_raw_profile (CVE-2017-17504)
* Heap-based buffer over-read in ReadOneMNGImage function in coders/png.c
  (CVE-2017-17879)
* Heap-based buffer over-read in the ReadSIXELImage function in
  coders/sixel.c (CVE-2018-5248)
* Heap-based buffer over-read in ReadSUNImage in coders/sun.c
  (CVE-2018-11251)
* Out-of-bounds write in ReadBMPImage and WriteBMPImage in coders/bmp.c
  (CVE-2018-12599)
* Out-of-bounds write in ReadDIBImage and WriteDIBImage in coders/dib.c
  (CVE-2018-12600)
Additional notes
CVE ID CVE-2017-10995
CVE-2017-11533
CVE-2017-11535
CVE-2017-11639
CVE-2017-13143
CVE-2017-17504
CVE-2017-17879
CVE-2018-5248
CVE-2018-11251
CVE-2018-12599
CVE-2018-12600
UCS Bug number #47537