Advisories ยป MGASA-2020-0102

Updated graphicsmagick packages fix security vulnerabilities

Publication date: 26 Feb 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-19950 , CVE-2019-19951 , CVE-2019-19953

Description

Updated graphicsmagick packages fix security vulnerabilities:

Fixed a use-after-free in ThrowException and ThrowLoggedException of
magick/error.c (CVE-2019-19950).

Fixed a heap-based buffer overflow in ImportRLEPixels() (CVE-2019-19951).

Fixed a heap-based buffer overflow in EncodeImage() (CVE-2019-19953).
                

References

SRPMS

7/core