180 lines
12 KiB
XML
180 lines
12 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
|
|
<DocumentTitle xml:lang="en">An update for ImageMagick is now available for openEuler-20.03-LTS-SP1</DocumentTitle>
|
|
<DocumentType>Security Advisory</DocumentType>
|
|
<DocumentPublisher Type="Vendor">
|
|
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
|
|
<IssuingAuthority>openEuler security committee</IssuingAuthority>
|
|
</DocumentPublisher>
|
|
<DocumentTracking>
|
|
<Identification>
|
|
<ID>openEuler-SA-2021-1219</ID>
|
|
</Identification>
|
|
<Status>Final</Status>
|
|
<Version>1.0</Version>
|
|
<RevisionHistory>
|
|
<Revision>
|
|
<Number>1.0</Number>
|
|
<Date>2021-06-12</Date>
|
|
<Description>Initial</Description>
|
|
</Revision>
|
|
</RevisionHistory>
|
|
<InitialReleaseDate>2021-06-12</InitialReleaseDate>
|
|
<CurrentReleaseDate>2021-06-12</CurrentReleaseDate>
|
|
<Generator>
|
|
<Engine>openEuler SA Tool V1.0</Engine>
|
|
<Date>2021-06-12</Date>
|
|
</Generator>
|
|
</DocumentTracking>
|
|
<DocumentNotes>
|
|
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">ImageMagick security update</Note>
|
|
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for ImageMagick is now available for openEuler-20.03-LTS-SP1.</Note>
|
|
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.
|
|
|
|
Security Fix(es):
|
|
|
|
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0.(CVE-2020-27753)
|
|
|
|
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0.(CVE-2020-25667)
|
|
|
|
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0.(CVE-2020-27756)</Note>
|
|
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for ImageMagick is now available for openEuler-20.03-LTS-SP1.
|
|
|
|
openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
|
|
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">Medium</Note>
|
|
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">ImageMagick</Note>
|
|
</DocumentNotes>
|
|
<DocumentReferences>
|
|
<Reference Type="Self">
|
|
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1219</URL>
|
|
</Reference>
|
|
<Reference Type="openEuler CVE">
|
|
<URL>https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-27753</URL>
|
|
<URL>https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-25667</URL>
|
|
<URL>https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-27756</URL>
|
|
</Reference>
|
|
<Reference Type="Other">
|
|
<URL>https://nvd.nist.gov/vuln/detail/CVE-2020-27753</URL>
|
|
<URL>https://nvd.nist.gov/vuln/detail/CVE-2020-25667</URL>
|
|
<URL>https://nvd.nist.gov/vuln/detail/CVE-2020-27756</URL>
|
|
</Reference>
|
|
</DocumentReferences>
|
|
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
|
|
<Branch Type="Product Name" Name="openEuler">
|
|
<FullProductName ProductID="openEuler-20.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">openEuler-20.03-LTS-SP1</FullProductName>
|
|
</Branch>
|
|
<Branch Type="Package Arch" Name="aarch64">
|
|
<FullProductName ProductID="ImageMagick-debuginfo-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-debuginfo-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-help-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-help-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-perl-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-perl-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-c++-devel-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-c++-devel-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-debugsource-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-debugsource-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-devel-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-devel-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-c++-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-c++-6.9.10.67-25.oe1.aarch64.rpm</FullProductName>
|
|
</Branch>
|
|
<Branch Type="Package Arch" Name="src">
|
|
<FullProductName ProductID="ImageMagick-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-6.9.10.67-25.oe1.src.rpm</FullProductName>
|
|
</Branch>
|
|
<Branch Type="Package Arch" Name="x86_64">
|
|
<FullProductName ProductID="ImageMagick-help-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-help-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-perl-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-perl-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-debugsource-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-debugsource-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-c++-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-c++-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-debuginfo-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-debuginfo-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-c++-devel-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-c++-devel-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
<FullProductName ProductID="ImageMagick-devel-6.9.10.67-25" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">ImageMagick-devel-6.9.10.67-25.oe1.x86_64.rpm</FullProductName>
|
|
</Branch>
|
|
</ProductTree>
|
|
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
|
|
<Notes>
|
|
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0.</Note>
|
|
</Notes>
|
|
<ReleaseDate>2021-06-12</ReleaseDate>
|
|
<CVE>CVE-2020-27753</CVE>
|
|
<ProductStatuses>
|
|
<Status Type="Fixed">
|
|
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
|
|
</Status>
|
|
</ProductStatuses>
|
|
<Threats>
|
|
<Threat Type="Impact">
|
|
<Description>Medium</Description>
|
|
</Threat>
|
|
</Threats>
|
|
<CVSSScoreSets>
|
|
<ScoreSet>
|
|
<BaseScore>5.5</BaseScore>
|
|
<Vector>AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H</Vector>
|
|
</ScoreSet>
|
|
</CVSSScoreSets>
|
|
<Remediations>
|
|
<Remediation Type="Vendor Fix">
|
|
<Description>ImageMagick security update</Description>
|
|
<DATE>2021-06-12</DATE>
|
|
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1219</URL>
|
|
</Remediation>
|
|
</Remediations>
|
|
</Vulnerability>
|
|
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
|
|
<Notes>
|
|
<Note Title="Vulnerability Description" Type="General" Ordinal="2" xml:lang="en">TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0.</Note>
|
|
</Notes>
|
|
<ReleaseDate>2021-06-12</ReleaseDate>
|
|
<CVE>CVE-2020-25667</CVE>
|
|
<ProductStatuses>
|
|
<Status Type="Fixed">
|
|
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
|
|
</Status>
|
|
</ProductStatuses>
|
|
<Threats>
|
|
<Threat Type="Impact">
|
|
<Description>Medium</Description>
|
|
</Threat>
|
|
</Threats>
|
|
<CVSSScoreSets>
|
|
<ScoreSet>
|
|
<BaseScore>5.5</BaseScore>
|
|
<Vector>AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H</Vector>
|
|
</ScoreSet>
|
|
</CVSSScoreSets>
|
|
<Remediations>
|
|
<Remediation Type="Vendor Fix">
|
|
<Description>ImageMagick security update</Description>
|
|
<DATE>2021-06-12</DATE>
|
|
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1219</URL>
|
|
</Remediation>
|
|
</Remediations>
|
|
</Vulnerability>
|
|
<Vulnerability Ordinal="3" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
|
|
<Notes>
|
|
<Note Title="Vulnerability Description" Type="General" Ordinal="3" xml:lang="en">In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0.</Note>
|
|
</Notes>
|
|
<ReleaseDate>2021-06-12</ReleaseDate>
|
|
<CVE>CVE-2020-27756</CVE>
|
|
<ProductStatuses>
|
|
<Status Type="Fixed">
|
|
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
|
|
</Status>
|
|
</ProductStatuses>
|
|
<Threats>
|
|
<Threat Type="Impact">
|
|
<Description>Medium</Description>
|
|
</Threat>
|
|
</Threats>
|
|
<CVSSScoreSets>
|
|
<ScoreSet>
|
|
<BaseScore>5.5</BaseScore>
|
|
<Vector>AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H</Vector>
|
|
</ScoreSet>
|
|
</CVSSScoreSets>
|
|
<Remediations>
|
|
<Remediation Type="Vendor Fix">
|
|
<Description>ImageMagick security update</Description>
|
|
<DATE>2021-06-12</DATE>
|
|
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1219</URL>
|
|
</Remediation>
|
|
</Remediations>
|
|
</Vulnerability>
|
|
</cvrfdoc> |