OVAL Reference oval:org.opensuse.security:def:2653

Oval Definition:

oval:org.opensuse.security:def:2653

Revision Date:	2020-12-02	Version:	1
Title:	Security update for ImageMagick (Low)
Description:	This update for ImageMagick fixes the following security issues: - CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858). - CVE-2018-16328: Prevent NULL pointer dereference exists in the CheckEventLogging function leading to DoS (bsc#1106857). - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855) - CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) - CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) - CVE-2018-16641: Prevent memory leak in the TIFFWritePhotoshopLayers function (bsc#1107618). - CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) - CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604)
Family:	unix	Class:	patch
Status:		Reference(s):	1048046 1051429 1071995 1089524 1094685 1095189 1095825 1095826 1095827 1095945 1097103 1106855 1106857 1106858 1106989 1107604 1107609 1107612 1107616 1107618 1107619 1108630 1108631 1108632 1109319 1113038 1113039 1114832 1118897 1118898 1118899 1121967 1124308 1125601 1127153 1127838 1130245 1131233 1131237 1131239 1131241 1131245 1134078 1134452 1136572 1141897 1142649 1144348 1144352 1144902 1148517 1149121 1149145 1149742 1149792 1149955 1151490 1153238 1154091 1154289 1154598 1159639 CVE-2018-11410 CVE-2018-11440 CVE-2018-11577 CVE-2018-11683 CVE-2018-11684 CVE-2018-11685 CVE-2018-12085 CVE-2018-16323 CVE-2018-16328 CVE-2018-16329 CVE-2018-16413 CVE-2018-16640 CVE-2018-16641 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645 CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 CVE-2018-17096 CVE-2018-17097 CVE-2018-17098 CVE-2018-17294 CVE-2018-18584 CVE-2018-18585 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-0804 CVE-2019-10218 CVE-2019-14250 CVE-2019-14491 CVE-2019-14492 CVE-2019-14833 CVE-2019-14847 CVE-2019-15847 CVE-2019-15939 CVE-2019-16056 CVE-2019-16935 CVE-2019-5736 CVE-2019-6470 SUSE-SU-2018:2977-1 SUSE-SU-2018:3610-1 SUSE-SU-2019:0495-1 SUSE-SU-2019:0603-1 SUSE-SU-2019:0748-1 SUSE-SU-2019:0795-1 SUSE-SU-2019:0873-1 SUSE-SU-2019:2657-1 SUSE-SU-2019:2702-1 SUSE-SU-2019:2802-1 SUSE-SU-2019:2868-1 SUSE-SU-2019:3192-1 SUSE-SU-2019:3393-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for High Performance Computing 15 SUSE Linux Enterprise Module for High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Package Hub for SUSE Linux Enterprise 12 SP1	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-cinder-2014.2.3.dev13-1 is installed OR openstack-cinder-volume-2014.2.3.dev13-1 is installed OR python-cinder-2014.2.3.dev13-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libpython3_4m1_0-3.4.5-19 is installed OR python3-3.4.5-19 is installed OR python3-base-3.4.5-19 is installed OR python3-curses-3.4.5-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND libotr5-4.0.0-9 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_55-52_42-default-4-2.1 is installed OR kgraft-patch-3_12_55-52_42-xen-4-2.1 is installed OR kgraft-patch-SLE12_Update_12-4-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND haproxy-1.6.5-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.19 is installed OR dlm-kmp-default-4.12.14-25.19 is installed OR gfs2-kmp-default-4.12.14-25.19 is installed OR kernel-default-4.12.14-25.19 is installed OR ocfs2-kmp-default-4.12.14-25.19 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information cluster-md-kmp-default-4.12.14-197.21 is installed OR dlm-kmp-default-4.12.14-197.21 is installed OR gfs2-kmp-default-4.12.14-197.21 is installed OR kernel-default-4.12.14-197.21 is installed OR ocfs2-kmp-default-4.12.14-197.21 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR libavdevice57-3.4.2-4.12 is installed OR libavfilter6-3.4.2-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND python-PyYAML-3.10-15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information ImageMagick-7.0.7.34-3.24 is installed OR ImageMagick-devel-7.0.7.34-3.24 is installed OR libMagick++-7_Q16HDRI4-7.0.7.34-3.24 is installed OR libMagick++-devel-7.0.7.34-3.24 is installed OR libMagickCore-7_Q16HDRI6-7.0.7.34-3.24 is installed OR libMagickWand-7_Q16HDRI6-7.0.7.34-3.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 is installed AND Package Information libpmi0-17.11.7-6.3 is installed OR libslurm32-17.11.7-6.3 is installed OR perl-slurm-17.11.7-6.3 is installed OR slurm-17.11.7-6.3 is installed OR slurm-auth-none-17.11.7-6.3 is installed OR slurm-config-17.11.7-6.3 is installed OR slurm-devel-17.11.7-6.3 is installed OR slurm-doc-17.11.7-6.3 is installed OR slurm-lua-17.11.7-6.3 is installed OR slurm-munge-17.11.7-6.3 is installed OR slurm-node-17.11.7-6.3 is installed OR slurm-pam_slurm-17.11.7-6.3 is installed OR slurm-plugins-17.11.7-6.3 is installed OR slurm-slurmdbd-17.11.7-6.3 is installed OR slurm-sql-17.11.7-6.3 is installed OR slurm-torque-17.11.7-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed AND Package Information libpmi0-18.08.8-3.4 is installed OR libslurm33-18.08.8-3.4 is installed OR perl-Switch-2.17-3.2 is installed OR perl-slurm-18.08.8-3.4 is installed OR slurm-18.08.8-3.4 is installed OR slurm-auth-none-18.08.8-3.4 is installed OR slurm-config-18.08.8-3.4 is installed OR slurm-config-man-18.08.8-3.4 is installed OR slurm-devel-18.08.8-3.4 is installed OR slurm-doc-18.08.8-3.4 is installed OR slurm-lua-18.08.8-3.4 is installed OR slurm-munge-18.08.8-3.4 is installed OR slurm-node-18.08.8-3.4 is installed OR slurm-pam_slurm-18.08.8-3.4 is installed OR slurm-plugins-18.08.8-3.4 is installed OR slurm-slurmdbd-18.08.8-3.4 is installed OR slurm-sql-18.08.8-3.4 is installed OR slurm-sview-18.08.8-3.4 is installed OR slurm-torque-18.08.8-3.4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-25.3 is installed OR reiserfs-kmp-default-4.12.14-25.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-3.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.3 is installed OR kernel-default-livepatch-4.12.14-25.3 is installed OR kernel-livepatch-4_12_14-25_3-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_1-1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.10 is installed OR kernel-default-livepatch-4.12.14-197.10 is installed OR kernel-default-livepatch-devel-4.12.14-197.10 is installed OR kernel-livepatch-4_12_14-197_10-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_3-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information dhcp-4.3.5-6.3 is installed OR dhcp-doc-4.3.5-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR bzip2-doc-1.0.6-5.3 is installed OR libbz2-devel-32bit-1.0.6-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information MozillaFirefox-68.6.0-3.75 is installed OR MozillaFirefox-branding-upstream-68.6.0-3.75 is installed OR MozillaFirefox-buildsymbols-68.6.0-3.75 is installed OR MozillaFirefox-devel-68.6.0-3.75 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information rmt-server-2.3.1-3.3 is installed OR rmt-server-config-2.3.1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND python3-3.4.1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.15.0-3.11 is installed OR nodejs8-devel-8.15.0-3.11 is installed OR nodejs8-docs-8.15.0-3.11 is installed OR npm8-8.15.0-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs8-8.16.1-3.20 is installed OR nodejs8-devel-8.16.1-3.20 is installed OR nodejs8-docs-8.16.1-3.20 is installed OR npm8-8.16.1-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libgnomesu-2.0.0-353.6 is installed OR libgnomesu-lang-2.0.0-353.6 is installed OR libgnomesu0-2.0.0-353.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR ImageMagick-devel-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagick++-devel-6.8.8.1-5 is installed OR perl-PerlMagick-6.8.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-33.1 is installed OR ImageMagick-devel-6.8.8.1-33.1 is installed OR libMagick++-6_Q16-3-6.8.8.1-33.1 is installed OR libMagick++-devel-6.8.8.1-33.1 is installed OR perl-PerlMagick-6.8.8.1-33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libjavascriptcoregtk-1_0-0-2.4.11-23.20 is installed OR libjavascriptcoregtk-1_0-0-32bit-2.4.11-23.20 is installed OR libwebkitgtk-1_0-0-2.4.11-23.20 is installed OR libwebkitgtk-1_0-0-32bit-2.4.11-23.20 is installed OR libwebkitgtk2-lang-2.4.11-23.20 is installed OR typelib-1_0-JavaScriptCore-3_0-2.4.11-23.20 is installed OR typelib-1_0-WebKit-3_0-2.4.11-23.20 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.3 is installed OR kernel-default-extra-4.12.14-25.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.8.0-3.46 is installed OR MozillaThunderbird-translations-common-60.8.0-3.46 is installed OR MozillaThunderbird-translations-other-60.8.0-3.46 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed AND Package Information kinit-5.20.0-6 is installed OR kinit-devel-5.20.0-6 is installed OR kinit-lang-5.20.0-6 is installed

BACK