Fedora 26: perl-Image-SubImageFind Security Update Critical Issues
fedora
September 19, 2017
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0
Summary
Perl module to aide in locating a sub-image within an image.
Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagick/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 - synfigstudio doesn't start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
su -c 'dnf upgrade perl-Image-SubImageFind' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References
Update Instructions
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Product: Fedora 26
Version: 0.03
Release: 13.fc26
Summary: Perl extension for locating a sub-image within an image
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!