From: Bernard Spil
Date: Thu, 25 May 2017 20:51:48 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r441717 - head/security/vuxml
X-SVN-Group: ports-head

Author: brnrd
Date: Thu May 25 20:51:48 2017
New Revision: 441717
URL: https://svnweb.freebsd.org/changeset/ports/441717

Log:
  security/vuxml: Document ImageMagick vulnerabilities

  PR: 219497
  Reported by: dani

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu May 25 20:34:46 2017 (r441716) +++ head/security/vuxml/vuln.xml Thu May 25 20:51:48 2017 (r441717) @@ -58,6 +58,182 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + imagemagick -- multiple vulnerabilities + + + imagemagick + 6.9.8.6 + + + + +
+
    +
  • CVE-2017-5506: Double free vulnerability in magick/profile.c in + ImageMagick allows remote attackers to have unspecified impact via + a crafted file.
  • +
  • CVE-2017-5507: Memory leak in coders/mpc.c in ImageMagick before + 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a + denial of service (memory consumption) via vectors involving a + pixel cache.
  • +
  • CVE-2017-5508: Heap-based buffer overflow in the + PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x + before 7.0.4-3 allows remote attackers to cause a denial of + service (application crash) via a crafted TIFF file.
  • +
  • CVE-2017-5509: coders/psd.c in ImageMagick allows remote + attackers to have unspecified impact via a crafted PSD file, which + triggers an out-of-bounds write.
  • +
  • CVE-2017-5510: coders/psd.c in ImageMagick allows remote + attackers to have unspecified impact via a crafted PSD file, which + triggers an out-of-bounds write.
  • +
  • CVE-2017-5511: coders/psd.c in ImageMagick allows remote + attackers to have unspecified impact by leveraging an improper + cast, which triggers a heap-based buffer overflow.
  • +
  • CVE-2017-6497: An issue was discovered in ImageMagick 6.9.7. + A specially crafted psd file could lead to a NULL pointer + dereference (thus, a DoS).
  • +
  • CVE-2017-6498: An issue was discovered in ImageMagick 6.9.7. + Incorrect TGA files could trigger assertion failures, thus leading + to DoS.
  • +
  • CVE-2017-6499: An issue was discovered in Magick++ in + ImageMagick 6.9.7. A specially crafted file creating a nested + exception could lead to a memory leak (thus, a DoS).
  • +
  • CVE-2017-6500: An issue was discovered in ImageMagick 6.9.7. + A specially crafted sun file triggers a heap-based + buffer over-read.
  • +
  • CVE-2017-6501: An issue was discovered in ImageMagick 6.9.7. + A specially crafted xcf file could lead to a NULL pointer + dereference.
  • +
  • CVE-2017-6502: An issue was discovered in ImageMagick 6.9.7. + A specially crafted webp file could lead to a file-descriptor + leak in libmagickcore (thus, a DoS).
  • +
  • CVE-2017-7275: The ReadPCXImage function in coders/pcx.c in + ImageMagick 7.0.4.9 allows remote attackers to cause a denial of + service (attempted large memory allocation and application crash) + via a crafted file. NOTE: this vulnerability exists because of an + incomplete fix for CVE-2016-8862 and CVE-2016-8866.
  • +
  • CVE-2017-7606: coders/rle.c in ImageMagick 7.0.5-4 has an + "outside the range of representable values of type unsigned char" + undefined behavior issue, which might allow remote attackers to + cause a denial of service (application crash) or possibly have + unspecified other impact via a crafted image.
  • +
  • CVE-2017-7619: In ImageMagick 7.0.4-9, an infinite loop can + occur because of a floating-point rounding error in some of the + color algorithms. This affects ModulateHSL, ModulateHCL, + ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, + ModulateLCHab, and ModulateLCHuv.
  • +
  • CVE-2017-7941: The ReadSGIImage function in sgi.c allows remote + attackers to consume an amount of available memory via a crafted + file.
  • +
  • CVE-2017-7942: The ReadAVSImage function in avs.c allows remote + attackers to consume an amount of available memory via a crafted + file.
  • +
  • CVE-2017-7943: The ReadSVGImage function in svg.c allows remote + attackers to consume an amount of available memory via a crafted + file.
  • +
  • CVE-2017-8343: ReadAAIImage function in aai.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8344: ReadPCXImage function in pcx.c allows attackers + to cause a denial of service (memory leak) via a crafted file. The + ReadMNGImage function in png.c allows attackers to cause a denial + of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8345: ReadMNGImage function in png.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8346: ReadMATImage function in mat.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8347: ReadMATImage function in mat.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8348: ReadMATImage function in mat.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8349: ReadSFWImage function in sfw.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8350: ReadJNGImage function in png.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8351: ReadPCDImage function in pcd.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8352: ReadXWDImage function in xwd.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8353: ReadPICTImage function in pict.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8354: ReadBMPImage function in bmp.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8355: ReadMTVImage function in mtv.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8356: ReadSUNImage function in sun.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8357: ReadEPTImage function in ept.c allows attackers + to cause a denial of service (memory leak) via a crafted file.
  • +
  • CVE-2017-8365: The function named ReadICONImage in coders\icon.c + has a memory leak vulnerability which can cause memory exhaustion + via a crafted ICON file.
  • +
  • CVE-2017-8830: ReadBMPImage function in bmp.c:1379 allows + attackers to cause a denial of service (memory leak) via a crafted + file.
  • +
  • CVE-2017-9141: A crafted file could trigger an assertion failure + in the ResetImageProfileIterator function in MagickCore/profile.c + because of missing checks in the ReadDDSImage function in + coders/dds.c.
  • +
  • CVE-2017-9142: A crafted file could trigger an assertion failure + in the WriteBlob function in MagickCore/blob.c because of missing + checks in the ReadOneJNGImage function in coders/png.c.
  • +
  • CVE-2017-9143: ReadARTImage function in coders/art.c allows + attackers to cause a denial of service (memory leak) via a crafted + .art file.
  • +
  • CVE-2017-9144: A crafted RLE image can trigger a crash because + of incorrect EOF handling in coders/rle.c.
  • +
+
+ +
+ + https://nvd.nist.gov/vuln/search/results?query=ImageMagick + CVE-2017-5506 + CVE-2017-5507 + CVE-2017-5508 + CVE-2017-5509 + CVE-2017-5510 + CVE-2017-5511 + CVE-2017-6497 + CVE-2017-6498 + CVE-2017-6499 + CVE-2017-6500 + CVE-2017-6501 + CVE-2017-6502 + CVE-2017-7275 + CVE-2017-7606 + CVE-2017-7619 + CVE-2017-7941 + CVE-2017-7942 + CVE-2017-7943 + CVE-2017-8343 + CVE-2017-8344 + CVE-2017-8345 + CVE-2017-8346 + CVE-2017-8347 + CVE-2017-8348 + CVE-2017-8349 + CVE-2017-8350 + CVE-2017-8351 + CVE-2017-8352 + CVE-2017-8353 + CVE-2017-8354 + CVE-2017-8355 + CVE-2017-8356 + CVE-2017-8357 + CVE-2017-8365 + CVE-2017-8830 + CVE-2017-9141 + CVE-2017-9142 + CVE-2017-9143 + CVE-2017-9144 + + + 2017-03-05 + 2017-05-25 + +
+ samba -- remote code execution vulnerability
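
Review bot: Several of the added CVE descriptions look copy-pasted and should be checked against the CVE records: the CVE-2017-8344 item carries a second sentence about ReadMNGImage in png.c that is word for word the CVE-2017-8345 text, CVE-2017-8346, CVE-2017-8347 and CVE-2017-8348 all read "ReadMATImage function in mat.c", and CVE-2017-5509 and CVE-2017-5510 are identical. Separately, the entry names only the package imagemagick with the single bound 6.9.8.6, while the file's own note just above the insertion says not to forget port variants and several descriptions cite 7.x releases (7.0.4-4, 7.0.4-3, 7.0.5-4); please confirm whether variant or 7.x packages need their own package and range lines. The only URL reference is a generic NVD search for ImageMagick, whose results will change over time; a link to the specific advisories would serve someone auditing this entry later.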