-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 12 Feb 2024 20:15:47 +0000 Source: imagemagick Architecture: source Version: 8:6.9.11.60+dfsg-1.6+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Closes: 1013282 1036999 Changes: imagemagick (8:6.9.11.60+dfsg-1.6+deb12u1) bookworm-security; urgency=high . * Acknowledge NMU * Fix CVE-2021-3610 heap buffer overflow vulnerability in TIFF coder * Fix an heap buffer overflow in TIFF coder * Fix uninitialised value passing in TIFFGetField * Fix stack overflow in TIFF coder * Early exit in case of malformed TIFF file * Fix buffer overrun in TIFF coder * Fix unitialised value in TIFF coder * Fix CVE-2022-1115: Heap based overflow in TIFF coder (Closes: #1013282) * Fix uninitialised value in TIFF coders * Use salsa-ci * Fix CVE-2023-1289: A specially created SVG file loaded itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. * Fix CVE-2023-1906: A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. * Fix CVE-2023-34151: Imagemagick was vulnerable due to an undefined behaviors of casting double to size_t in svg, mvg and other coders. (Closes: #1036999) * Fix CVE-2023-3428: A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. * Fix CVE-2023-5341: A heap use-after-free flaw was found in coders/bmp.c Checksums-Sha1: 6622115f5257a7e728056152f4b806b50c9a36ba 5131 imagemagick_6.9.11.60+dfsg-1.6+deb12u1.dsc 824a63dce5e54bd8b78077d671d8ab06300a8848 9395144 imagemagick_6.9.11.60+dfsg.orig.tar.xz 099247f6a7601427b123abb75ff2f9895794ae57 264292 imagemagick_6.9.11.60+dfsg-1.6+deb12u1.debian.tar.xz 96e9900a5dcc40ec1b7e34074c2c7ef1b81cd184 30898 imagemagick_6.9.11.60+dfsg-1.6+deb12u1_amd64.buildinfo Checksums-Sha256: 743092dc6ff5e41c150695215d1649557dcd5b7eac2ed4795ce5e7b4009a958f 5131 imagemagick_6.9.11.60+dfsg-1.6+deb12u1.dsc 472fb516df842ee9c819ed80099c188463b9e961303511c36ae24d0eaa8959c4 9395144 imagemagick_6.9.11.60+dfsg.orig.tar.xz 4ffc4f35cdf1a21e175d5e791c096767b4db12e2a00a335df2f7a615aa4d9141 264292 imagemagick_6.9.11.60+dfsg-1.6+deb12u1.debian.tar.xz 9618fd0514f03af02d5e709a2ee7f8a1ec591f0e18b0764a5f5f87fd1e30042c 30898 imagemagick_6.9.11.60+dfsg-1.6+deb12u1_amd64.buildinfo Files: b8185323af6c75536275a8d84f557fb6 5131 graphics optional imagemagick_6.9.11.60+dfsg-1.6+deb12u1.dsc 8b8f7b82bd1299cf30aa3c488c46a3cd 9395144 graphics optional imagemagick_6.9.11.60+dfsg.orig.tar.xz 7fa57d0d30392ec182249a5ac240b0fc 264292 graphics optional imagemagick_6.9.11.60+dfsg-1.6+deb12u1.debian.tar.xz 21b5af2f739093766560be0091c35f27 30898 graphics optional imagemagick_6.9.11.60+dfsg-1.6+deb12u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmXPqzQRHHJvdWNhQGRl Ymlhbi5vcmcACgkQADoaLapBCF+eWg/9EnzIP6+okBJab3hMFrU93UDpScGAeT3D etohWACjZzFt2AQDgEomCWXqAAB0+96Px8OdjJjZa8gPEbvts4oXN7gNpPzK/4n/ F1w1RvU5VTkJ5xLtJI3KBVi7Ojc+H7z0kh92onelXEWv2xFlKR2VWfFixSHmLAMt IXCRP+uePzUFSOBBHmnf+v+yEgvWi+WHOPZDU+fZNcwRQg6GRdG3JUFakC+k0bd5 JUkSNMr1FQW8tVrGCMBQ/aOuvStT174rAgSqLh8CkoPOb6Ab/uD6is735C71bFfT hNPnW6mGfXrdiJwf+FAoQhzi/EBy31XTvxKd6asb3OA8dfOGrM7usf15mHIR8Qd9 VXdQ+OhKFRVi8XHXcTGogTQtwcA8Y1qwUe9OzHHMMCaCYq8hvArd1RjdXAmFetjU eF6QVvFX3hmKpzC3+NoOy3QUbJMnF8ByTfyGasZgB+cktsi/+ynpePG57itE+FEM NSjT59be0Vyg6H1hvkQ3LUbTwWRkdp5qauAaTh6kDIJkuXTTDJlmn22P0pE8U7f3 pqNwQWv7mhQ/9FwuQWSLzgGk528gMIqbhhJR2uh+LywbyR9+z7jQ4zJSd6G03y2F ABM4EVVYCOfx6T5WhirOCJfkvq5WSLwEbGLk0v/uRDmcJ1FcjAWnh5GmuiyG0P7u r/QKX5YC4Os= =ba+U -----END PGP SIGNATURE-----