Changelog
imagemagick (8:6.9.7.4+dfsg-14) unstable; urgency=high
* Security bugs:
+ assertion failed in DestroyImageInfo
A assertion failed in DestroyImageInfo, leading to DOS
(Closes: 870014)
+ CVE-2017-11523: endless loop in ReadTXTImage
If text image file only contains "MagickID..." line,
it will cause ReadTXTImage to infinite loop.
(Closes: #869210).
+ Memory leak in mat coder
Fix a memory leak in mat coder triggered by a special crafted file
(Closes: #870013).
+ Use of uninitialized data in ImageMagick/coders/mat.c
The coder accesses uninitialized data
which might pose a security issue or at least a bug. The first
undefined access happens within coders/mat.c:1196 in a call to
calcMinMax(). The back part of the buffer bImgBuff is now large enough
but does seemingly not contain any sensible data.
(Closes: #870012)
+ CVE-2017-11644
A special crafted file create a memory leak in MAT file coder.
The code need to free two buffer in some exceptionnal
circonstances, instead than just one is freed
(Closes: #870016)
+ Memory leak in mat coder
A special crafted file create a memory leak in MAT coder
(Closes: #870015)
+ Memory leak in mat coder
In case of corrupted file, cloned image (temporarly image) should be freed
(Closes: #870017)
+ assertion failed in DestroyImageInfo due to mat coder
(Closes: #870019)
+ assertion failed in DestroyImage due to mat coder
(Closes: #870020)
+ Memory leak in mat coder (upstream 617)
(Closes: #870021)
+ Memory leak in mat coder (upstream 616)
(Closes: #870022)
+ Memory leak in mat coder (upstream 616)
(Closes: #870023)
-- Bastien Roucariès <email address hidden> Sat, 29 Jul 2017 00:51:39 +0200
