Bugzilla – Bug 991444
VUL-1: CVE-2016-5010: ImageMagick: Out-of-bounds read when processing crafted tiff file
Last modified: 2020-06-13 21:06:05 UTC
Quoting from RH BZ: An out-of-bounds heap read vulnerability in ImageMagick compiled with TIFF support that can be triggered by running mogrify on crafted TIFF file was found. rh#1354500 References: https://bugzilla.redhat.com/show_bug.cgi?id=1354500 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5010
http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0
11/ImageMagick seems not to not be affected.
GraphicsMagick seems not to be affected.
I believe all affected code streams are fixed.
This is an autogenerated message for OBS integration: This bug (991444) was mentioned in https://build.opensuse.org/request/show/416993 13.2 / ImageMagick
released
openSUSE-SU-2016:2072-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 991444,991445,991872 CVE References: CVE-2016-5010,CVE-2016-6491,CVE-2016-6520 Sources used: openSUSE 13.2 (src): ImageMagick-6.8.9.8-29.1
SUSE-SU-2016:2076-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 991444,991445,991872 CVE References: CVE-2016-5010,CVE-2016-6491,CVE-2016-6520 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): ImageMagick-6.8.8.1-33.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): ImageMagick-6.8.8.1-33.1 SUSE Linux Enterprise Server 12-SP1 (src): ImageMagick-6.8.8.1-33.1 SUSE Linux Enterprise Desktop 12-SP1 (src): ImageMagick-6.8.8.1-33.1
openSUSE-SU-2016:2148-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 991444,991445,991872 CVE References: CVE-2016-5010,CVE-2016-6491,CVE-2016-6520 Sources used: openSUSE Leap 42.1 (src): ImageMagick-6.8.8.1-18.2