-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 17 Feb 2024 15:31:24 +0000 Source: imagemagick Architecture: source Version: 8:6.9.11.60+dfsg-1.3+deb11u3 Distribution: bullseye-security Urgency: medium Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Closes: 1013282 1036999 Changes: imagemagick (8:6.9.11.60+dfsg-1.3+deb11u3) bullseye-security; urgency=medium . * Fix CVE-2021-3610 heap buffer overflow vulnerability in TIFF coder * Fix an heap buffer overflow in TIFF coder * Fix uninitialised value passing in TIFFGetField * Fix stack overflow in TIFF coder * Early exit in case of malformed TIFF file * Fix buffer overrun in TIFF coder * Fix unitialised value in TIFF coder * Fix CVE-2022-1115: Heap based overflow in TIFF coder (Closes: #1013282) * Fix uninitialised value in TIFF coders * Use salsa-ci * Fix CVE-2023-1289: A specially created SVG file loaded itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G. * Fix CVE-2023-1906: A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. * Fix CVE-2023-34151: Imagemagick was vulnerable due to an undefined behaviors of casting double to size_t in svg, mvg and other coders. (Closes: #1036999) * Fix CVE-2023-3428: A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service. * Fix CVE-2023-5341: A heap use-after-free flaw was found in coders/bmp.c Checksums-Sha1: be11a2c206a17c86362b39985ab168010e4af271 5131 imagemagick_6.9.11.60+dfsg-1.3+deb11u3.dsc ef515de6277141ee73ec6de5730ed23d71a266d9 263996 imagemagick_6.9.11.60+dfsg-1.3+deb11u3.debian.tar.xz cc9a5e3894f2b99a719f175514e39e64393b202c 30930 imagemagick_6.9.11.60+dfsg-1.3+deb11u3_amd64.buildinfo Checksums-Sha256: c5c87b8bde9f0737ba3751d8dde5b7dede10019038690b03b11e331568cfa02e 5131 imagemagick_6.9.11.60+dfsg-1.3+deb11u3.dsc cb1f7ee1bd082f28b36b4db6a9eb9e5e04d92a5514e0aac14727f2378eb9a2ae 263996 imagemagick_6.9.11.60+dfsg-1.3+deb11u3.debian.tar.xz 630ae106eedb7718cb6faeec92763811296912eaa4b6d16c9470c5a025dc413c 30930 imagemagick_6.9.11.60+dfsg-1.3+deb11u3_amd64.buildinfo Files: 4bd2d05d79f290d0dd0b6f2bc9e3d336 5131 graphics optional imagemagick_6.9.11.60+dfsg-1.3+deb11u3.dsc c39087eecf2c3e1fa259f9d200e6eb65 263996 graphics optional imagemagick_6.9.11.60+dfsg-1.3+deb11u3.debian.tar.xz 3adf9c61d5a8f1a031b2b4628fd2f2ce 30930 graphics optional imagemagick_6.9.11.60+dfsg-1.3+deb11u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmXSPVMRHHJvdWNhQGRl Ymlhbi5vcmcACgkQADoaLapBCF8OXw/9H390//Zc2A1LR9XQS3gBIOJYTTx96upi 8tcwRUjH2M5gERkY/f24bfNnvOskVmZGWfkx9qdQPLvZBtoWalUcGzIzBBIRcqQo ZaFTsOX0V3tYd8rE5I+lD6a2aN6h26uMIvNul11rnXIfDn6tXOUX9QqipbnC885U DmcsV5OpY2waeOBxMQmQHAVXcAvVz8Ed+/PF4QzCetWUV/5koKzZQh76y1wQDxoL cgCpu+omDSMIwD15zIJQF4j7Bg1JqgS2yaSr63ekr6ubnI3GBY/VcyVl8+01HacS cj0XoNsmEwMDXy07Xbg0F6/PQnueYwzuIxQqXIH3P0arWR5WnrFFTiBBvtyqh37r zG6K6AEaSxiQcPB4SgNvqrPMxr8yMjGOZnbsK64pkgRxTkZ+C1svQDbDJgE552bX C1It8JI6aPRRk5g5QCRkqeNBv4Pt8IPRhfjB1Saw+NcacSgD5hjjIwP+L7aMCHOn YUWSPJVH6MoYy9z3/FdkUVdpVSoDJUrw0P71nA4petT5UK3lRkTNoFZUEmwpWdjP E1JjILzqCPAgheyKJTeIxsmovcEBaKDz4X2X10QVg1VtKCA+SYODE2rX1cDd+CWy Q156t3xIO10tQ2HTzbL8+WfqYiPzGL7HcQI7il+wuhZwcj3x7WbC3+D4wC4zxC3Z CcdGIX1hf1E= =KILb -----END PGP SIGNATURE-----