Bugzilla – Bug 1212847
VUL-0: CVE-2023-3428: ImageMagick: heap-buffer-overflow in coders/tiff.c
Last modified: 2024-06-07 12:26:38 UTC
CVE-2023-3428 A vulnerability was found in ImageMagick <=7.1.1, where heap-based buffer overflow was found in coders/tiff.c. References: https://github.com/ImageMagick/ImageMagick/commit/a531d28e31309676ce8168c3b6dbbb5374b78790 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3428 https://bugzilla.redhat.com/show_bug.cgi?id=2218369
Affected: - SUSE:ALP:Source:Standard:1.0/ImageMagick 7.1.1.9 - openSUSE:Factory/ImageMagick 7.1.1.11 Not Affected: - SUSE:ALP:Source:Standard:1.0/GraphicsMagick 1.3.40 - SUSE:SLE-15-SP3:Update/GraphicsMagick 1.3.35 - openSUSE:Factory/GraphicsMagick 1.3.40 - SUSE:SLE-11:Update/ImageMagick 6.4.3.6 - SUSE:SLE-12:Update/ImageMagick 6.8.8.1 - SUSE:SLE-15-SP2:Update/ImageMagick 7.0.7.34 - SUSE:SLE-15:Update/ImageMagick 7.0.7.34 - SUSE:SLE-15-SP4:Update/ImageMagick 7.1.0.9
Thanks for evaluation. Submitted into TW,ALP/ImageMagick. I believe all fixed.
This is an autogenerated message for OBS integration: This bug (1212847) was mentioned in https://build.opensuse.org/request/show/1095937 Factory / ImageMagick
https://build.suse.de/request/show/302447
All done, closing.