[Bug 1002422] New: GraphicsMagick: 8BIM/8BIMW unsigned underflow leads to heap overflow
http://bugzilla.opensuse.org/show_bug.cgi?id=1002422

            Bug ID: 1002422
           Summary: GraphicsMagick: 8BIM/8BIMW unsigned underflow leads to heap overflow
    Classification: openSUSE
           Product: openSUSE Distribution
           Version: Leap 42.1
          Hardware: Other
                OS: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Security
          Assignee: security-team@suse.de
          Reporter: mikhail.kasimov@gmail.com
        QA Contact: qa-bugs@suse.de
          Found By: ---
           Blocker: ---

Reference: http://seclists.org/oss-sec/2016/q4/0

===========================
Today we received a report from Marco Grassi about a heap overflow in the 8BIM reader. 8BIM is a metadata chunk often attached to JPEG files.

After investigation it was found that there was a small unsigned overflow leading to a huge size value, which then resulted in a heap overflow (causing a crash).

We believe that this issue exists in all GraphicsMagick releases to date (including 1.3.25).

The fix to this may be found in GraphicsMagick Mercurial at "https://sourceforge.net/p/graphicsmagick/code/ci/5c7b6d6094a25e99c57f8b18343...".

Bob
--
Bob Friesenhahn
bfriesen () simple dallas tx us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
===========================

According to https://software.opensuse.org/package/GraphicsMagick, version 1.3.25 is in use in openSUSE Tumbleweed. Version 1.3.21 is in use in 42.1...

--
You are receiving this mail because:
You are on the CC list for the bug.
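The bug class described in the report above (an unsigned length wrapping to a huge value inside an 8BIM reader), shown as an added example that is not GraphicsMagick's code and not the referenced fix; the page does not show the affected code. It assumes the Photoshop image resource block layout, and the function names and sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Unsafe pattern: wraps to a huge value when used > avail. */
static size_t remaining_unchecked(size_t avail, size_t used) { return avail - used; }
/* Checked form: consume n bytes only if they exist; 0 on success. */
static int take(const unsigned char **p, size_t *avail, size_t n)
{
    if (n > *avail)
        return -1;
    *p += n;
    *avail -= n;
    return 0;
}

/* Walk resource blocks: "8BIM" | id(2) | Pascal name, even-padded |
 * size(4, big-endian) | data, even-padded. Returns block count or -1. */
static int walk_8bim(const unsigned char *p, size_t avail)
{
    int blocks = 0;
    while (avail > 0) {
        if (avail < 7 || memcmp(p, "8BIM", 4) != 0)
            return -1;
        size_t name_len = (size_t)p[6] + 1;   /* length byte + name */
        name_len += name_len & 1;             /* pad to even */
        if (take(&p, &avail, 6 + name_len) != 0 || avail < 4)
            return -1;
        uint32_t data_len = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                            ((uint32_t)p[2] << 8) | p[3];
        if (take(&p, &avail, 4) != 0 || take(&p, &avail, data_len) != 0)
            return -1;
        if (data_len & 1)
            (void)take(&p, &avail, 1);        /* pad byte may be absent at end */
        blocks++;
    }
    return blocks;
}

/* Constructed samples: a valid block, and one whose size field exceeds the buffer. */
static const unsigned char good_block[] = { '8','B','I','M', 4,4, 0,0, 0,0,0,4, 1,2,3,4 };
static const unsigned char bad_block[]  = { '8','B','I','M', 4,4, 0,0, 0xff,0xff,0xff,0xff, 1,2 };

int main(void)
{
    printf("unchecked 2 - 6 = %zu\n", remaining_unchecked(2, 6));
    printf("good=%d bad=%d\n", walk_8bim(good_block, sizeof good_block),
           walk_8bim(bad_block, sizeof bad_block));
    return 0;
}
```

Every length is compared against the bytes still available before it is subtracted or used to advance the pointer, so a lying size field is rejected instead of wrapping.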
http://bugzilla.opensuse.org/show_bug.cgi?id=1002422

Mikhail Kasimov <mikhail.kasimov@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|GraphicsMagick: 8BIM/8BIMW  |CVE-2016-7800:
                   |unsigned underflow leads to |GraphicsMagick: 8BIM/8BIMW
                   |heap overflow               |unsigned underflow leads to
                   |                            |heap overflow