Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 890851 - <media-gfx/graphicsmagick-1.3.40: Multiple vulnerabilities
Summary: <media-gfx/graphicsmagick-1.3.40: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+]
Keywords:
Depends on: 894484
Blocks:
  Show dependency tree
 
Reported: 2023-01-14 23:14 UTC by Sam James
Modified: 2024-07-05 08:26 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-01-14 23:14:59 UTC
As usual, assortment of oss-fuzz fixes (no specific citations given), but also:
```
 42 +Security Fixes:
 43 +
 44 +* DCX: Fixed heap overflow when writing more than 1023 scenes, and
 45 +  also eliminated use of uninitialized memory.
 46 +
```
Comment 1 Larry the Git Cow gentoo-dev 2023-01-14 23:22:26 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=347517dffa9f98c921535211bbe57aaa96c7d7d3

commit 347517dffa9f98c921535211bbe57aaa96c7d7d3
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-01-14 23:13:57 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-01-14 23:15:07 +0000

    media-gfx/graphicsmagick: add 1.3.40
    
    Bug: https://bugs.gentoo.org/890851
    Signed-off-by: Sam James <sam@gentoo.org>

 media-gfx/graphicsmagick/Manifest                  |   2 +
 .../graphicsmagick/graphicsmagick-1.3.40.ebuild    | 160 +++++++++++++++++++++
 2 files changed, 162 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2023-03-09 06:41:34 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a80a21a605475095d050ea14833d354338fc9e86

commit a80a21a605475095d050ea14833d354338fc9e86
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-03-09 06:41:18 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-03-09 06:41:18 +0000

    media-gfx/graphicsmagick: drop 1.3.38-r5, 1.3.39
    
    Bug: https://bugs.gentoo.org/888545
    Bug: https://bugs.gentoo.org/890851
    Signed-off-by: Sam James <sam@gentoo.org>

 media-gfx/graphicsmagick/Manifest                  |   4 -
 .../graphicsmagick-1.3.38-configure-bashism.patch  |  34 -----
 .../graphicsmagick/graphicsmagick-1.3.38-r5.ebuild | 161 ---------------------
 .../graphicsmagick/graphicsmagick-1.3.39.ebuild    | 160 --------------------
 4 files changed, 359 deletions(-)
Comment 3 Larry the Git Cow gentoo-dev 2024-07-05 08:24:36 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=f9109763ff7ea477d040422ceaa7f39f20a26058

commit f9109763ff7ea477d040422ceaa7f39f20a26058
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-07-05 08:23:55 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-07-05 08:24:31 +0000

    [ GLSA 202407-15 ] GraphicsMagick: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/888545
    Bug: https://bugs.gentoo.org/890851
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202407-15.xml | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)