openSUSE Security Update : GraphicsMagick (openSUSE-2018-213)
High Nessus Plugin ID 107047
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for GraphicsMagick fixes the following issues :
Security issues fixed :
- CVE-2017-11533: An infoleak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (boo#1050132)
- CVE-2017-17682: A large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (boo#1072898)
- CVE-2017-17500: A heap-based buffer overread in the ImportRGBQuantumType was fixed that could lead to information leak or a crash (boo#1077737)
SolutionUpdate the affected GraphicsMagick packages.