From URL: "This release is the product of significant bug and security fixes due to GraphicsMagick participating in Google's oss-fuzz project. This release fixes a number of issues detected by oss-fuzz as well as a number of issues reported via the SourceForge bug tracker, or discovered via testing. While it is possible that there are some regressions due to the bug fixes (please report any discovered), all users with exposure to untrusted inputs are recommended to upgrade to this release as soon as possible." Please bump to 1.3.38.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a644f31d20852a27de664b445243460c73d2c106 commit a644f31d20852a27de664b445243460c73d2c106 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-07-31 12:18:12 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-07-31 12:18:12 +0000 media-gfx/graphicsmagick: drop 1.3.37 Bug: https://bugs.gentoo.org/836283 Signed-off-by: Sam James <sam@gentoo.org> media-gfx/graphicsmagick/Manifest | 1 - .../graphicsmagick/graphicsmagick-1.3.37.ebuild | 140 --------------------- 2 files changed, 141 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=fb22bd14741ad3acda080e6d1e9e232492931833 commit fb22bd14741ad3acda080e6d1e9e232492931833 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-09-29 14:22:18 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-09-29 14:48:00 +0000 [ GLSA 202209-19 ] GraphicsMagick: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/721328 Bug: https://bugs.gentoo.org/836283 Bug: https://bugs.gentoo.org/873367 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202209-19.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+)
GLSA released, all done!
