Upstream information

CVE-2019-19950 at MITRE

Description

In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1159852 [NEW]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE Leap 15.1
  • GraphicsMagick >= 1.3.29-lp151.4.14.1
  • GraphicsMagick-debuginfo >= 1.3.29-lp151.4.14.1
  • GraphicsMagick-debugsource >= 1.3.29-lp151.4.14.1
  • GraphicsMagick-devel >= 1.3.29-lp151.4.14.1
  • libGraphicsMagick++-Q16-12 >= 1.3.29-lp151.4.14.1
  • libGraphicsMagick++-Q16-12-debuginfo >= 1.3.29-lp151.4.14.1
  • libGraphicsMagick++-devel >= 1.3.29-lp151.4.14.1
  • libGraphicsMagick-Q16-3 >= 1.3.29-lp151.4.14.1
  • libGraphicsMagick-Q16-3-debuginfo >= 1.3.29-lp151.4.14.1
  • libGraphicsMagick3-config >= 1.3.29-lp151.4.14.1
  • libGraphicsMagickWand-Q16-2 >= 1.3.29-lp151.4.14.1
  • libGraphicsMagickWand-Q16-2-debuginfo >= 1.3.29-lp151.4.14.1
  • perl-GraphicsMagick >= 1.3.29-lp151.4.14.1
  • perl-GraphicsMagick-debuginfo >= 1.3.29-lp151.4.14.1
Patchnames:
openSUSE-2020-55