An update for GraphicsMagick is now available for openEuler-22.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2023-1819 Final 1.0 1.0 2023-11-17 Initial 2023-11-17 2023-11-17 openEuler SA Tool V1.0 2023-11-17 GraphicsMagick security update An update for GraphicsMagick is now available for openEuler-22.03-LTS-SP2. GraphicsMagick is the swiss army knife of image processing. Comprised of 267K physical lines (according to David A. Wheeler's SLOCCount) of source code in the base package (or 1,225K including 3rd party libraries) it provides a robust and efficient collection of tools and libraries which support reading, writing, and manipulating an image in over 89 major formats including important formats like DPX, GIF, JPEG, JPEG-2000, PNG, PDF, PNM, TIFF, and WebP. Security Fix(es): Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.(CVE-2020-21679) An update for GraphicsMagick is now available for openEuler-22.03-LTS-SP2. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium GraphicsMagick https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1819 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2020-21679 https://nvd.nist.gov/vuln/detail/CVE-2020-21679 openEuler-22.03-LTS-SP2 GraphicsMagick-perl-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-debuginfo-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-devel-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-c++-devel-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-debugsource-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-c++-1.3.41-1.oe2203sp2.aarch64.rpm GraphicsMagick-help-1.3.41-1.oe2203sp2.noarch.rpm GraphicsMagick-1.3.41-1.oe2203sp2.src.rpm GraphicsMagick-perl-1.3.41-1.oe2203sp2.x86_64.rpm GraphicsMagick-1.3.41-1.oe2203sp2.x86_64.rpm GraphicsMagick-devel-1.3.41-1.oe2203sp2.x86_64.rpm GraphicsMagick-debugsource-1.3.41-1.oe2203sp2.x86_64.rpm GraphicsMagick-c++-1.3.41-1.oe2203sp2.x86_64.rpm GraphicsMagick-debuginfo-1.3.41-1.oe2203sp2.x86_64.rpm GraphicsMagick-c++-devel-1.3.41-1.oe2203sp2.x86_64.rpm Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. 2023-11-17 CVE-2020-21679 openEuler-22.03-LTS-SP2 Medium 5.5 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H GraphicsMagick security update 2023-11-17 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1819