Oval Definition:	oval:org.opensuse.security:def:201711722
Revision Date: 2022-05-22 Version: 1 Title: CVE-2017-11722 Description: The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-11722 Mitre CVE-2017-11722 SUSE CVE-2017-11722 openSUSE-SU-2018:0460-1 Platform(s): openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 Product(s): Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information GraphicsMagick-1.3.25-68 is installed AND GraphicsMagick is signed with openSUSE key OR GraphicsMagick-devel-1.3.25-68 is installed AND GraphicsMagick-devel is signed with openSUSE key OR libGraphicsMagick++-Q16-12-1.3.25-68 is installed AND libGraphicsMagick++-Q16-12 is signed with openSUSE key OR libGraphicsMagick++-devel-1.3.25-68 is installed AND libGraphicsMagick++-devel is signed with openSUSE key OR libGraphicsMagick-Q16-3-1.3.25-68 is installed AND libGraphicsMagick-Q16-3 is signed with openSUSE key OR libGraphicsMagick3-config-1.3.25-68 is installed AND libGraphicsMagick3-config is signed with openSUSE key OR libGraphicsMagickWand-Q16-2-1.3.25-68 is installed AND libGraphicsMagickWand-Q16-2 is signed with openSUSE key OR perl-GraphicsMagick-1.3.25-68 is installed AND perl-GraphicsMagick is signed with openSUSE key Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ImageMagick is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed AND ImageMagick is not affected OR Package Information SUSE Linux Enterprise Desktop 12 SP2 is installed AND ImageMagick is affected Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP4 is installed AND ImageMagick is not affected OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND GraphicsMagick is not affected OR ImageMagick is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP2 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP2 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND ImageMagick is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP2 is installed OR SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP2 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP2 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND ImageMagick is not affected Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ImageMagick is not affected
BACK