Bug 1017321 - (CVE-2016-10064) VUL-0: CVE-2016-10064: ImageMagick: Improved checks for buffer overflow for TIFF handling
(CVE-2016-10064)
VUL-0: CVE-2016-10064: ImageMagick: Improved checks for buffer overflow for T...
Status: RESOLVED FIXED
: 1016590 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Security Team bot
Security Team bot
CVSSv2:SUSE:CVE-2016-10064:6.8:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-12-27 09:23 UTC by Johannes Segitz
Modified: 2017-05-19 06:42 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-12-27 09:23:06 UTC
Debian bug: https://bugs.debian.org/845202
Reference URL: https://security-tracker.debian.org/845202
Upstream commit: https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288
Upstream issue: N/A
Upstream version fixed: 6.9.5-1

Use CVE-2016-10064.
Comment 1 Swamp Workflow Management 2016-12-27 23:02:42 UTC
bugbot adjusting priority
Comment 2 Johannes Segitz 2016-12-28 11:02:54 UTC
*** Bug 1016590 has been marked as a duplicate of this bug. ***
Comment 3 Johannes Segitz 2016-12-28 11:04:34 UTC
From Marcus Meissner in the other bug:
(that the multiplication rows*columns 1 line above is not checked ... *sigh*

the overflow checking impl is in https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76   mixed with other code.
Comment 4 Petr Gajdos 2017-01-25 10:27:04 UTC
(In reply to Johannes Segitz from comment #3)
> From Marcus Meissner in the other bug:
> (that the multiplication rows*columns 1 line above is not checked ... *sigh*

It is .. inside AcquireQuantumMemory().
Comment 5 Petr Gajdos 2017-01-25 11:12:28 UTC
Affected: 12/ImageMagick, 11/ImageMagick, 11/GraphicsMagick, 42.1/GraphicsMagick
Comment 6 Petr Gajdos 2017-01-25 11:53:12 UTC
For GraphicsMagick, I will use solution similar to 42.2/GraphicsMagick.
Comment 7 Petr Gajdos 2017-01-27 11:04:53 UTC
Packages submitted, I believe all fixed.
Comment 9 Bernhard Wiedemann 2017-01-27 13:04:20 UTC
This is an autogenerated message for OBS integration:
This bug (1017321) was mentioned in
https://build.opensuse.org/request/show/452918 42.1 / GraphicsMagick
Comment 10 Swamp Workflow Management 2017-02-06 14:08:56 UTC
openSUSE-SU-2017:0391-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017310,1017312,1017313,1017314,1017318,1017321,1017322,1017324,1017325,1017326,1020443,1020448
CVE References: CVE-2016-10048,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10069,CVE-2016-10070,CVE-2016-10146,CVE-2017-5511
Sources used:
openSUSE Leap 42.1 (src):    GraphicsMagick-1.3.21-26.1
Comment 11 Swamp Workflow Management 2017-02-20 14:11:57 UTC
SUSE-SU-2017:0518-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017310,1017311,1017312,1017313,1017318,1017321,1017322,1017324,1017326,1020443,1020448
CVE References: CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10059,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10070,CVE-2016-10146,CVE-2017-5511
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-4.62.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-4.62.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-4.62.1
Comment 12 Swamp Workflow Management 2017-02-21 14:09:38 UTC
SUSE-SU-2017:0529-1: An update that fixes 25 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017308,1017310,1017311,1017312,1017313,1017314,1017318,1017319,1017320,1017321,1017322,1017324,1017325,1017326,1017421,1020433,1020435,1020436,1020439,1020441,1020443,1020446,1020448
CVE References: CVE-2016-10046,CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10060,CVE-2016-10061,CVE-2016-10062,CVE-2016-10063,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10069,CVE-2016-10070,CVE-2016-10071,CVE-2016-10144,CVE-2016-10145,CVE-2016-10146,CVE-2017-5506,CVE-2017-5507,CVE-2017-5508,CVE-2017-5510,CVE-2017-5511
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Server 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
Comment 13 Swamp Workflow Management 2017-03-01 20:10:55 UTC
SUSE-SU-2017:0586-1: An update that fixes 21 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017308,1017310,1017311,1017312,1017313,1017314,1017318,1017319,1017320,1017321,1017322,1017324,1017326,1017421,1020433,1020435,1020436,1020439,1020441,1020443,1020448
CVE References: CVE-2016-10046,CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10060,CVE-2016-10063,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10070,CVE-2016-10071,CVE-2016-10144,CVE-2016-10145,CVE-2016-10146,CVE-2017-5506,CVE-2017-5507,CVE-2017-5508,CVE-2017-5511
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-7.65.1
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-7.65.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-7.65.1
Comment 14 Swamp Workflow Management 2017-03-02 14:09:42 UTC
openSUSE-SU-2017:0587-1: An update that fixes 25 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017308,1017310,1017311,1017312,1017313,1017314,1017318,1017319,1017320,1017321,1017322,1017324,1017325,1017326,1017421,1020433,1020435,1020436,1020439,1020441,1020443,1020446,1020448
CVE References: CVE-2016-10046,CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10060,CVE-2016-10061,CVE-2016-10062,CVE-2016-10063,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10069,CVE-2016-10070,CVE-2016-10071,CVE-2016-10144,CVE-2016-10145,CVE-2016-10146,CVE-2017-5506,CVE-2017-5507,CVE-2017-5508,CVE-2017-5510,CVE-2017-5511
Sources used:
openSUSE Leap 42.2 (src):    ImageMagick-6.8.8.1-28.1
openSUSE Leap 42.1 (src):    ImageMagick-6.8.8.1-30.1
Comment 15 Matthias Gerstner 2017-03-06 09:41:25 UTC
All codestreams released. openSUSE comes from SLE. Closing.