Advisories ยป MGASA-2019-0033

Updated graphicsmagick packages fix security vulnerabilities

Publication date: 11 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-20184 , CVE-2018-20185 , CVE-2018-20189

Description

It was discovered that graphicsmagick was subject to vulnerabilites.
* heap-based buffer overflow in the WriteTGAImage function of tga.c
(CVE-2018-20184).
* denial of service vulnerability in ReadDIBImage function of
coders/dib.c (CVE-2018-20189).
* heap-based buffer over-read in the ReadBMPImage function of bmp.c
(CVE-2018-20185).
                

References

SRPMS

6/core