Information on source package imagemagick

Available versions

ReleaseVersion
wheezy8:6.7.7.10-5+deb7u4
wheezy (security)8:6.7.7.10-5+deb7u12
jessie8:6.8.9.9-5+deb8u6
jessie (security)8:6.8.9.9-5+deb8u8
stretch8:6.9.7.4+dfsg-2
sid8:6.9.7.4+dfsg-2

Open issues

BugwheezyjessiestretchsidDescription
CVE-2017-7275undeterminedundeterminedundeterminedundeterminedThe ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows ...
CVE-2015-8903vulnerable (no DSA)fixedfixedfixedThe ReadVICARImage function in coders/vicar.c in ImageMagick 6.x ...
CVE-2015-8902vulnerable (no DSA)fixedfixedfixedThe ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before ...
CVE-2015-8901vulnerable (no DSA)fixedfixedfixedImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a ...
CVE-2015-8900vulnerable (no DSA)fixedfixedfixedThe ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x ...
CVE-2014-9841vulnerable (no DSA)fixedfixedfixedThe ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 ...
CVE-2014-8716vulnerable (no DSA)fixedfixedfixedcrafted jpeg file could lead to DOS
CVE-2014-8562vulnerable (no DSA)fixedfixedfixedbuffer overflow in DCM parser
CVE-2014-8355vulnerable (no DSA)fixedfixedfixedbuffer overflow in PCX parser
CVE-2014-8354vulnerable (no DSA)fixedfixedfixedout-of-bounds memory access in resize code

Open unimportant issues

BugwheezyjessiestretchsidDescription
CVE-2017-6502vulnerablevulnerablevulnerablevulnerableAn issue was discovered in ImageMagick 6.9.7. A specially crafted webp ...
CVE-2016-8678vulnerablevulnerablevulnerablevulnerableThe IsPixelMonochrome function in MagickCore/pixel-accessor.h in ...
CVE-2008-3134vulnerablevulnerablevulnerablevulnerableMultiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 ...
CVE-2005-0406vulnerablevulnerablevulnerablevulnerableA design flaw in image processing software that modifies JPEG images ...

Resolved issues

BugDescription
TEMP-0811308-B63DA1Multiple minor security issues
CVE-2017-6501An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf ...
CVE-2017-6500An issue was discovered in ImageMagick 6.9.7. A specially crafted sun ...
CVE-2017-6499An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially ...
CVE-2017-6498An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could ...
CVE-2017-6497An issue was discovered in ImageMagick 6.9.7. A specially crafted psd ...
CVE-2017-5511coders/psd.c in ImageMagick allows remote attackers to have ...
CVE-2017-5510coders/psd.c in ImageMagick allows remote attackers to have ...
CVE-2017-5509coders/psd.c in ImageMagick allows remote attackers to have ...
CVE-2017-5508Heap-based buffer overflow in the PushQuantumPixel function in ...
CVE-2017-5507Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x ...
CVE-2017-5506Double free vulnerability in magick/profile.c in ImageMagick allows ...
CVE-2016-9773Heap-based buffer overflow in the IsPixelGray function in ...
CVE-2016-9559coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to ...
CVE-2016-9556The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick ...
CVE-2016-9298Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c ...
CVE-2016-8866The AcquireMagickMemory function in MagickCore/memory.c in ...
CVE-2016-8862The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick ...
CVE-2016-8707An exploitable out of bounds write exists in the handling of ...
CVE-2016-8677The AcquireQuantumPixels function in MagickCore/quantum.c in ...
CVE-2016-7906magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to ...
CVE-2016-7799MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote ...
CVE-2016-7540writing to rgf format aborts
CVE-2016-7539potential DOS by not releasing memory
CVE-2016-7538SIGABRT for corrupted pdb file
CVE-2016-7537out of bound access for corrupted pdb file
CVE-2016-7536SEGV reported in corrupted profile handling
CVE-2016-7535out of bound access for corrupted psd file
CVE-2016-7534out of bound access in generic decoder
CVE-2016-7533wpg file out of bound for corrupted file
CVE-2016-7532Fix handling of corrupted psd file
CVE-2016-7531pbd file out of bound access
CVE-2016-7530out of bound in quantum handling
CVE-2016-7529out of bound access in xcf file coder
CVE-2016-7528out of bound access for viff file coder
CVE-2016-7527
CVE-2016-7526out of bound access in wpg file coder
CVE-2016-7525heap buffer overflow in psd file coder
CVE-2016-7524
CVE-2016-7523meta file out of bound access
CVE-2016-7522out of bound access for malformed psd file
CVE-2016-7521heap buffer overflow in psd file handling
CVE-2016-7520heap overflow in hdr file handling
CVE-2016-7519
CVE-2016-7518
CVE-2016-7517
CVE-2016-7516out of bunds problem in rle, pict, viff and sun files
CVE-2016-7515rle file handling for corrupted file
CVE-2016-7514out-of-bounds read in coders/psd.c
CVE-2016-7513off-by-one error leading to segfault
CVE-2016-7101The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers ...
CVE-2016-6823Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 ...
CVE-2016-6520Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 ...
CVE-2016-6491Buffer overflow in the Get8BIMProperty function in ...
CVE-2016-5842MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote ...
CVE-2016-5841Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 ...
CVE-2016-5691The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 ...
CVE-2016-5690The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 ...
CVE-2016-5689The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 ...
CVE-2016-5688The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, ...
CVE-2016-5687The VerticalFilter function in the DDS coder in ImageMagick before ...
CVE-2016-5239The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and ...
CVE-2016-5118The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ...
CVE-2016-5010Out-of-bounds read when processing crafted tiff file
CVE-2016-4564The DrawImage function in MagickCore/draw.c in ImageMagick before ...
CVE-2016-4563The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick ...
CVE-2016-4562The DrawDashPolygon function in MagickCore/draw.c in ImageMagick ...
CVE-2016-3718The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x ...
CVE-2016-3717The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...
CVE-2016-3716The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...
CVE-2016-3715The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before ...
CVE-2016-3714The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, ...
CVE-2016-10252Memory leak in the IsOptionMember function in MagickCore/option.c in ...
CVE-2016-10146Multiple memory leaks in the caption and label handling code in ...
CVE-2016-10145Off-by-one error in coders/wpg.c in ImageMagick allows remote ...
CVE-2016-10144coders/ipl.c in ImageMagick allows remote attackers to have unspecific ...
CVE-2016-10071coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to ...
CVE-2016-10070Heap-based buffer overflow in the CalcMinMax function in coders/mat.c ...
CVE-2016-10069coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to ...
CVE-2016-10068The MSL interpreter in ImageMagick before 6.9.6-4 allows remote ...
CVE-2016-10067magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers ...
CVE-2016-10066Buffer overflow in the ReadVIFFImage function in coders/viff.c in ...
CVE-2016-10065The ReadVIFFImage function in coders/viff.c in ImageMagick before ...
CVE-2016-10064Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...
CVE-2016-10063Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...
CVE-2016-10062The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not ...
CVE-2016-10061The ReadGROUP4Image function in coders/tiff.c in ImageMagick before ...
CVE-2016-10060The ConcatenateImages function in MagickWand/magick-cli.c in ...
CVE-2016-10059Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows ...
CVE-2016-10058Memory leak in the ReadPSDLayers function in coders/psd.c in ...
CVE-2016-10057Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ...
CVE-2016-10056Buffer overflow in the sixel_decode function in coders/sixel.c in ...
CVE-2016-10055Buffer overflow in the WritePDBImage function in coders/pdb.c in ...
CVE-2016-10054Buffer overflow in the WriteMAPImage function in coders/map.c in ...
CVE-2016-10053The WriteTIFFImage function in coders/tiff.c in ImageMagick before ...
CVE-2016-10052Buffer overflow in the WriteProfile function in coders/jpeg.c in ...
CVE-2016-10051Use-after-free vulnerability in the ReadPWPImage function in ...
CVE-2016-10050Heap-based buffer overflow in the ReadRLEImage function in ...
CVE-2016-10049Buffer overflow in the ReadRLEImage function in coders/rle.c in ...
CVE-2016-10048Directory traversal vulnerability in magick/module.c in ImageMagick ...
CVE-2016-10047Memory leak in the NewXMLTree function in magick/xml-tree.c in ...
CVE-2016-10046Heap-based buffer overflow in the DrawImage function in magick/draw.c ...
CVE-2015-8959DOS due to corrupted DDS files
CVE-2015-8958potential DOS in sun file handling due to malformed files
CVE-2015-8957buffer overflow in sun file handling
CVE-2015-8898The WriteImages function in magick/constitute.c in ImageMagick before ...
CVE-2015-8897The SpliceImage function in MagickCore/transform.c in ImageMagick ...
CVE-2015-8896Integer truncation issue in coders/pict.c in ImageMagick before ...
CVE-2015-8895Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later ...
CVE-2015-8894Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and ...
CVE-2014-9915Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers ...
CVE-2014-9907DOS due to corrupted DDS files
CVE-2014-9854coders/tiff.c in ImageMagick allows remote attackers to cause a denial ...
CVE-2014-9853Memory leak in coders/rle.c in ImageMagick allows remote attackers to ...
CVE-2014-9852distribute-cache.c in ImageMagick re-uses objects after they have been ...
CVE-2014-9851ImageMagick 6.8.9.9 allows remote attackers to cause a denial of ...
CVE-2014-9850Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a ...
CVE-2014-9849The png coder in ImageMagick allows remote attackers to cause a denial ...
CVE-2014-9848Memory leak in ImageMagick allows remote attackers to cause a denial ...
CVE-2014-9847The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have ...
CVE-2014-9846Buffer overflow in the ReadRLEImage function in coders/rle.c in ...
CVE-2014-9845The ReadDIBImage function in coders/dib.c in ImageMagick allows remote ...
CVE-2014-9844The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 ...
CVE-2014-9843The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 ...
CVE-2014-9842Memory leak in the ReadPSDLayers function in coders/psd.c in ...
CVE-2014-9840ImageMagick 6.8.9-9 allows remote attackers to cause a denial of ...
CVE-2014-9839magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote ...
CVE-2014-9838magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause ...
CVE-2014-9837Add additional PNM sanity checks
CVE-2014-9836ImageMagick 6.8.9-9 allows remote attackers to cause a denial of ...
CVE-2014-9835Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. ...
CVE-2014-9834Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. ...
CVE-2014-9833Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. ...
CVE-2014-9832Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. ...
CVE-2014-9831Fix handling of corrupted wpg file
CVE-2014-9830Fix handling of corrupted sun file
CVE-2014-9829Fix an out of bound access in sun file
CVE-2014-9828Fix corrupted (too many colors) psd file
CVE-2014-9827Fix handling of corrupted of xpm file
CVE-2014-9826Fix handling of corrupted of sun file
CVE-2014-9825Fix handling of corrupted of psd file
CVE-2014-9824Fix heap overflow in psd file
CVE-2014-9823Fix heap overflow in palm file
CVE-2014-9822Fix heap overflow in quantum file
CVE-2014-9821Avoid heap overflow in xpm files
CVE-2014-9820Avoid heap overflow in pnm files
CVE-2014-9819Avoid heap overflow in palm files
CVE-2014-9818Avoid an out of bound access on malformed sun file
CVE-2014-9817Avoid a heap buffer overflow in pdb file handling
CVE-2014-9816Avoid an out of bound access in viff image
CVE-2014-9815Do not continue on corrupted wpg file
CVE-2014-9814Fix a NULL pointer dereference in wpg file handling
CVE-2014-9813Fix a crash with corrupted viff file
CVE-2014-9812Avoid a NULL pointer dereference in ps file handling
CVE-2014-9811Fix a SEGV in malformed xwd file handler
CVE-2014-9810Fix a SEGV in dpx file handler
CVE-2014-9809Fix a SEGV due to corrupted xwd images
CVE-2014-9808Fix a SEGV due to corrupted dpc images
CVE-2014-9807Fix a double free in pdb coder
CVE-2014-9806Do not leak fd due to corrupted file
CVE-2014-9805Avoid a SEGV due to a corrupted pnm file
CVE-2014-9804Avoid a DOS in vision.c due to an infinite loop
CVE-2014-8561Remotely DOS: convert +profile regression enters infinite loop exhausting memory
CVE-2014-2030
CVE-2014-1958PSD Images Processing RLE Decoding Buffer Overflow Vulnerability
CVE-2014-1947Buffer overflow vulnerability
CVE-2013-4298The ReadGIFImage function in coders/gif.c in ImageMagick before ...
CVE-2012-3437The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 ...
CVE-2012-1798The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick ...
CVE-2012-1610Integer overflow in the GetEXIFProperty function in magick/property.c ...
CVE-2012-1186Integer overflow in the SyncImageProfiles function in profile.c in ...
CVE-2012-1185Multiple integer overflows in (1) magick/profile.c or (2) ...
CVE-2012-0260The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before ...
CVE-2012-0259The GetEXIFProperty function in magick/property.c in ImageMagick ...
CVE-2012-0248ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a ...
CVE-2012-0247ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a ...
CVE-2010-4167Untrusted search path vulnerability in configure.c in ImageMagick ...
CVE-2009-3736ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as ...
CVE-2009-1882Integer overflow in the XMakeImage function in magick/xwindow.c in ...
CVE-2008-1097Heap-based buffer overflow in the ReadPCXImage function in the PCX ...
CVE-2008-1096The load_tile function in the XCF coder in coders/xcf.c in (1) ...
CVE-2007-4988Sign extension error in the ReadDIBImage function in ImageMagick ...
CVE-2007-4987Off-by-one error in the ReadBlobString function in blob.c in ...
CVE-2007-4986Multiple integer overflows in ImageMagick before 6.3.5-9 allow ...
CVE-2007-4985ImageMagick before 6.3.5-9 allows context-dependent attackers to cause ...
CVE-2007-1797Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote ...
CVE-2007-1667Multiple integer overflows in (1) the XGetPixel function in ImUtil.c ...
CVE-2007-0770Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted ...
CVE-2006-5868Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 ...
CVE-2006-5456Multiple buffer overflows in GraphicsMagick before 1.1.7 and ...
CVE-2006-4144Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick ...
CVE-2006-3744Multiple integer overflows in ImageMagick before 6.2.9 allows ...
CVE-2006-3743Multiple buffer overflows in ImageMagick before 6.2.9 allow ...
CVE-2006-2440Heap-based buffer overflow in the libMagick componet of ImageMagick ...
CVE-2006-0082Format string vulnerability in the SetImageInfo function in image.c ...
CVE-2005-4601The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers ...
CVE-2005-3582ImageMagick before 6.2.4.2-r1 allows local users in the portage group ...
CVE-2005-1739The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick ...
CVE-2005-1275Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ...
CVE-2005-0762Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 ...
CVE-2005-0761Unknown vulnerability in ImageMagick before 6.1.8 allows remote ...
CVE-2005-0760The TIFF decoder in ImageMagick before 6.0 allows remote attackers to ...
CVE-2005-0759ImageMagick before 6.0 allows remote attackers to cause a denial of ...
CVE-2005-0397Format string vulnerability in the SetImageInfo function in image.c ...
CVE-2005-0005Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and ...
CVE-2004-0981Buffer overflow in the EXIF parsing routine in ImageMagick before ...
CVE-2004-0827Multiple buffer overflows in the ImageMagick graphics library 5.x ...
CVE-2003-0455The imagemagick libmagick library 5.5 and earlier creates temporary ...

Security announcements

DSA / DLADescription
DLA-868-1imagemagick - security update
DSA-3808-1imagemagick - security update
DSA-3799-1imagemagick - security update
DLA-807-1imagemagick - security update
DLA-756-1imagemagick - security update
DLA-731-2imagemagick - regression update
DLA-731-1imagemagick - security update
DSA-3726-1imagemagick - security update
DSA-3675-1imagemagick - security update
DSA-3652-1imagemagick - security update
DLA-517-1imagemagick - security update
DSA-3591-1imagemagick - security update
DLA-500-1imagemagick - security update
DLA-486-1imagemagick - security update
DSA-3580-1imagemagick - security update
DSA-3547-1imagemagick - security update
DLA-353-1imagemagick - security update
DLA-242-1imagemagick - security update
DLA-90-1imagemagick - security update
DSA-2898-1imagemagick - security update
DSA-2898-1imagemagick - security update
DSA-2750-1imagemagick - buffer overflow
DSA-2462-1imagemagick - several
DSA-2427-1imagemagick - several
DSA-1858-1imagemagick - several vulnerabilities
DSA-1858-1imagemagick - several vulnerabilities
DSA-1260imagemagick
DSA-1213imagemagick
DSA-1168-1imagemagick
DSA-957-2imagemagick - missing shell meta sanitising
DSA-957-2imagemagick - missing shell meta sanitising
DSA-702-1imagemagick - several
DSA-646-1imagemagick - buffer overflow
DSA-593-1imagemagick - buffer overflow
DSA-547-1imagemagick - buffer overflows
DSA-331imagemagick - insecure temporary file

Search for package or bug name: Reporting problems