Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 39: 2023-2939487fd9 High: Mingw-ImageMagick Denial of Service

fedora
Calendar Grey September 15, 2023
Dist Fedora Esm H88
The recent update to the MinGW Windows FreeImage library for Fedora 39 resolves issues related to buffer overflow vulnerabilities with an array of enhancements. Discover further details.
Update to latest svn revision.

Summary

MinGW Windows freeimage library.

Update Information:

Update to latest svn revision.

Change Log

* Mon Aug 28 2023 Sandro Mani - 3.19.0-0.16.svn1889 - Update to r1909

References


[ 1 ] Bug #2235358 - CVE-2020-22524 freeimage: buffer overflow in FreeImage_Load() in Plugin.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235358 [ 2 ] Bug #2235359 - CVE-2020-22524 mingw-freeimage: freeimage: buffer overflow in FreeImage_Load() in Plugin.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235359 [ 3 ] Bug #2235406 - CVE-2020-21426 mingw-freeimage: freeimage: buffer overflow in C_IStream::read() in PluginEXR.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235406 [ 4 ] Bug #2235407 - CVE-2020-21426 freeimage: buffer overflow in C_IStream::read() in PluginEXR.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235407 [ 5 ] Bug #2235412 - CVE-2020-21427 mingw-freeimage: freeimage: buffer overflow in LoadPixelDataRLE8() in PluginBMP.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2235412 [ 6 ] Bug #2235414 - CVE-2020-21427 freeimage: buffer overfl...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2840932fa8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: mingw-freeimage
Product: Fedora 39
Version: 3.19.0
Release: 0.16.svn1909.fc39
Summary: MinGW Windows freeimage library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here