This update for GraphicsMagick fixes several issues.
These security issues were fixed:
CVE-2017-13065: Prevent NULL pointer dereference in the function SVGStartElement
(bsc#1055038).
CVE-2018-5685: Prevent infinite loop and application hang in the ReadBMPImage
function. Remote attackers could leverage this vulnerability to cause a denial
of service via an image file with a crafted bit-field mask value (bsc#1075939).
CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to
cause a denial of service (memory leak) via a crafted file (bsc#1043353)
CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed attackers to
cause a denial of service (memory leak) via a crafted file (bsc#1043354)
CVE-2017-10995: The mnggetlong function in coders/png.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) via a crafted MNG image (bsc#1047908)
CVE-2017-11102: The ReadOneJNGImage function allowed remote attackers to
cause a denial of service (application crash) during JNG reading via a
zero-length color_image data structure (bsc#1047910).
CVE-2017-11539: Prevent memory leak in the ReadOnePNGImage() function in
coders/png.c (bsc#1050037)
CVE-2017-11505: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via a
crafted file (bsc#1050072)
CVE-2017-11526: The ReadOneMNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via a
crafted file (bsc#1050100)
CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (NULL pointer dereference) via a crafted
file (bsc#1051442)
CVE-2017-12565: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service
(bsc#1052470)
CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service
(bsc#1052708)
CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in
coders/png.c, which allowed attackers to cause a denial of service
(bsc#1052717)
CVE-2017-12643: Prevent a memory exhaustion vulnerability in ReadOneJNGImage
in coders\png.c (bsc#1052768)
CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in
coders\png.c (bsc#1052777)
CVE-2017-12640: Prevent an out-of-bounds read vulnerability in
ReadOneMNGImage in coders/png.c (bsc#1052781)
CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large
MNG images, leading to an invalid memory read in the SetImageColorCallBack
function in magick/image.c (bsc#1054600)
CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in
coders/png.c when a small MNG file has a MEND chunk with a large length value
(bsc#1055374)
CVE-2017-13142: Added additional checks for short files to prevent a crafted
PNG file from triggering a crash (bsc#1055455)
CVE-2017-13141: Prevent memory leak in ReadOnePNGImage in coders/png.c
(bsc#1055456)
CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in
coders/png.c did not properly manage image pointers after certain error
conditions, which allowed remote attackers to conduct use-after-free attacks
via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call
(bsc#1057000)
CVE-2017-14649: ReadOneJNGImage in coders/png.c did not properly validate JNG
data, leading to a denial of service (assertion failure in
magick/pixel_cache.c, and application crash) (bsc#1060162)
CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c
(bsc#1062752)
CVE-2017-15238: ReadOneJNGImage had a use-after-free issue when the height or
width is zero, related to ReadJNGImage (bsc#1067198).
CVE-2017-17782: Prevent heap-based buffer over-read in ReadOneJNGImage
related to oFFs chunk allocation (bsc#1073690).
CVE-2017-17501: WriteOnePNGImage had a heap-based buffer over-read that could
be triggered via a crafted file (bsc#1074023).
CVE-2017-17884: Prevent memory leak in the function WriteOnePNGImage in
coders/png.c, which allowed attackers to cause a denial of service via a
crafted PNG image file (bsc#1074120)
CVE-2017-17879: Prevent heap-based buffer over-read in ReadOneMNGImage in
coders/png.c, related to length calculation and caused by an off-by-one error
(bsc#1074125)
CVE-2017-17915: Prevent heap-based buffer over-read in ReadMNGImage when
accessing one byte testing whether a limit has been reached (bsc#1074175).