[oss-security] 20160728 CVE-Request Buffer overflow ImageMagick

[oss-security] 20160728 Re: CVE-Request Buffer overflow ImageMagick

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

92186

1036501

https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog

https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b

GLSA-201611-21

Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagick/blob/3fd358e2ac3 4977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog).

Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates.

----

rhbz#1490649 - emacs-25.3 is available

rhbz#1490410 - unsafe enriched mode translations (security)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagick/blob/3fd358e2ac3 4977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog).

Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201611-21 (ImageMagick: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in ImageMagick.  Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for ImageMagick fixes the following issues :

  - security update :

  - CVE-2016-6520: buffer overflow [bsc#991872]

  - CVE-2016-5010: Out-of-bounds read in CopyMagickMemory     [bsc#991444]

  - CVE-2016-6491: Out-of-bounds read when processing     crafted tiff files [bsc#991445]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for ImageMagick fixes the following issues :

  - security update :

  - CVE-2016-6520: buffer overflow [bsc#991872]

  - CVE-2016-6491: Out-of-bounds read in CopyMagickMemory     [bsc#991445]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This updates fixes many vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, EXIF, RGF or BMP files are processed.

This update for ImageMagick fixes the following issues :

  - security update :

  - CVE-2016-6520: buffer overflow [bsc#991872]

  - CVE-2016-5010: Out-of-bounds read in CopyMagickMemory     [bsc#991444]

  - CVE-2016-6491: Out-of-bounds read when processing     crafted tiff files [bsc#991445]

This update was imported from the SUSE:SLE-12:Update update project.

This update for ImageMagick fixes the following issues :

  - security update :

  - CVE-2016-6520: buffer overflow [bsc#991872]

  - CVE-2016-5010: Out-of-bounds read in CopyMagickMemory     [bsc#991444]

  - CVE-2016-6491: Out-of-bounds read when processing     crafted tiff files [bsc#991445]

ID	Name	Product	Family	Severity
135519	EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-1390)	Nessus	Huawei Local Security Checks	high
131846	EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2019-2354)	Nessus	Huawei Local Security Checks	high
103333	Fedora 25 : 1:emacs / ImageMagick / WindowMaker / autotrace / converseen / etc (2017-3a568adb31)	Nessus	Fedora Local Security Checks	high
103314	Fedora 26 : 1:emacs / ImageMagick / WindowMaker / autotrace / converseen / etc (2017-8f27031c8f)	Nessus	Fedora Local Security Checks	high
95420	GLSA-201611-21 : ImageMagick: Multiple vulnerabilities (ImageTragick)	Nessus	Gentoo Local Security Checks	critical
95053	Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3131-1)	Nessus	Ubuntu Local Security Checks	high
93291	SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2076-1)	Nessus	SuSE Local Security Checks	medium
93290	SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:2075-1)	Nessus	SuSE Local Security Checks	medium
93115	Debian DSA-3652-1 : imagemagick - security update	Nessus	Debian Local Security Checks	high
93105	openSUSE Security Update : ImageMagick (openSUSE-2016-1016)	Nessus	SuSE Local Security Checks	medium
92980	openSUSE Security Update : ImageMagick (openSUSE-2016-983)	Nessus	SuSE Local Security Checks	medium

CVE-2016-6491

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins