CVE-2022-32545 (https://bugzilla.redhat.com/show_bug.cgi?id=2091811):
https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512
https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
CVE-2022-32546 (https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23):
https://bugzilla.redhat.com/show_bug.cgi?id=2091812
https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
CVE-2022-32547 (https://bugzilla.redhat.com/show_bug.cgi?id=2091813):
https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b
https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
These seem to be fixed by 6.9.12-45 and 7.1.0-30, so please bump.
CVE-2022-2719 (https://bugzilla.redhat.com/show_bug.cgi?id=2116537):
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30.
Patch: https://github.com/ImageMagick/ImageMagick/commit/716496e6df0add89e9679d6da9c0afca814cfe49
It's unclear to me whether 6.9 is affected.
CVE-2021-20224:
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the representable range of 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to undefined behaviour or a crash.
7.x patch: https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6
6.x patch: https://github.com/ImageMagick/ImageMagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d
In >7.0.10.57 and >6.9.11.57
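
Two classes of undefined behaviour recur in the reports above: a floating-point value converted to 'unsigned char' or 'unsigned long' while outside the target's range (CVE-2022-32545, CVE-2022-32546, CVE-2021-20224), and a 'double' or 'float' loaded from a misaligned address (CVE-2022-32547). The following C is an added illustration of the defensive form for each; it is not the upstream patches or code from this bug, and all function names are hypothetical.

```c
#include <limits.h>
#include <math.h>
#include <stddef.h>
#include <string.h>

/* Converting a double that is NaN or outside [0, 255] to unsigned char is
   undefined behaviour, so clamp before the cast. */
unsigned char clamp_to_uchar(double value)
{
  if (isnan(value) || value <= 0.0)
    return 0;
  if (value >= 255.0)
    return 255;
  return (unsigned char) (value + 0.5);  /* in range: round to nearest */
}

/* Same check for unsigned long. (double) ULONG_MAX can round up to 2^64,
   hence the >= comparison before the cast. */
unsigned long clamp_to_ulong(double value)
{
  if (isnan(value) || value <= 0.0)
    return 0;
  if (value >= (double) ULONG_MAX)
    return ULONG_MAX;
  return (unsigned long) value;
}

/* Read a native-endian double at an arbitrary byte offset of parsed input.
   Dereferencing (const double *) (buf + offset) is a misaligned load when
   the address is not a multiple of 8; memcpy into an aligned local is not.
   Returns 0 on success, -1 if the read would run past the buffer. */
int read_double_at(const unsigned char *buf, size_t len, size_t offset,
                   double *out)
{
  if (offset > len || len - offset < sizeof(*out))
    return -1;
  memcpy(out, buf + offset, sizeof(*out));
  return 0;
}

/* Constructed sample input: a double stored at odd offset 3. */
int unaligned_read_ok(void)
{
  unsigned char buf[16] = {0};
  const double stored = 1.5;
  double loaded = 0.0, past_end = 0.0;
  memcpy(buf + 3, &stored, sizeof(stored));
  return read_double_at(buf, sizeof(buf), 3, &loaded) == 0 && loaded == 1.5
      && read_double_at(buf, sizeof(buf), 9, &past_end) == -1;
}
```

Building with -fsanitize=undefined reports both classes at run time in code that lacks these checks.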
CVE-2022-0284:
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure.
Issue: https://github.com/ImageMagick/ImageMagick/issues/4729
Patch: https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7
Not sure if v6 is affected?
CVE-2022-1115:
A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.
Issue: https://github.com/ImageMagick/ImageMagick/issues/4974
Patches:
https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51
https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=acd4cfe8e97a26fa5534a5468bfbdc4da4593362
commit acd4cfe8e97a26fa5534a5468bfbdc4da4593362
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-08-31 02:51:32 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-08-31 02:51:32 +0000
    media-gfx/imagemagick: drop 6.9.12.28, 6.9.12.58, 7.1.0.13, 7.1.0.43
    Bug: https://bugs.gentoo.org/852947
    Bug: https://bugs.gentoo.org/843833
    Signed-off-by: Sam James <sam@gentoo.org>
 media-gfx/imagemagick/Manifest | 4 -
 media-gfx/imagemagick/imagemagick-6.9.12.28.ebuild | 267 --------------------
 media-gfx/imagemagick/imagemagick-6.9.12.58.ebuild | 269 --------------------
 media-gfx/imagemagick/imagemagick-7.1.0.13.ebuild | 274 --------------------
 media-gfx/imagemagick/imagemagick-7.1.0.43.ebuild | 278 ---------------------
 5 files changed, 1092 deletions(-)
Nothing to do for me/us here anymore
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/data/glsa.git/commit/?id=4a7120d937eaaec2a14046c3d00320bd902c32bf
commit 4a7120d937eaaec2a14046c3d00320bd902c32bf
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-05-04 06:13:29 +0000
Commit: Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-05-04 06:14:05 +0000
    [ GLSA 202405-02 ] ImageMagick: Multiple Vulnerabilities
    Bug: https://bugs.gentoo.org/835931
    Bug: https://bugs.gentoo.org/843833
    Bug: https://bugs.gentoo.org/852947
    Bug: https://bugs.gentoo.org/871954
    Bug: https://bugs.gentoo.org/893526
    Bug: https://bugs.gentoo.org/904357
    Bug: https://bugs.gentoo.org/908082
    Bug: https://bugs.gentoo.org/917594
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>
 glsa-202405-02.xml | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)