Advisories ยป MGASA-2018-0285

Updated imagemagick packages fix security vulnerability

Publication date: 16 Jun 2018
Modification date: 16 Jun 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-9018

Description

Imagemagick has been updated to version 6.9.10.0 to fix several bugs and
possible security issues.

- Fixed numerous use of uninitialized values, integer overflow, memory
  exceeded, and timeouts
- Missing break when checking "compliance" element.
- Fixed errant 'not enough pixel data'
- Fixed memory corruption for MVG paths
- A SVG rectangle with a width and height of 1, is a point
- Properly initialize SVG color style
- Heap buffer overflow fix
                

References

SRPMS

6/core