{"id":"MGASA-2014-0087","summary":"Updated imagemagick package fixes security vulnerabilities","details":"A buffer overflow flaw was found in the way ImageMagick handled PSD images\nthat use RLE encoding. An attacker could create a malicious PSD image file\nthat, when opened in ImageMagick, would cause ImageMagick to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nImageMagick (CVE-2014-1958).\n\nA buffer overflow flaw was found in the way ImageMagick writes PSD images when\nthe input data has a large number of unlabeled layers (CVE-2014-2030).\n","modified":"2026-04-16T06:24:23.350254532Z","published":"2014-02-21T18:10:03Z","upstream":["CVE-2014-1958","CVE-2014-2030"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0087.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12742"},{"type":"ADVISORY","url":"http://secunia.com/advisories/56844/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1067276"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1064098"}],"affected":[{"package":{"name":"imagemagick","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/imagemagick?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.8.1.1-2.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0087.json"}},{"package":{"name":"imagemagick","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/imagemagick?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.8.7.0-2.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0087.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}