Oval Definition:oval:org.opensuse.security:def:2801
Revision Date:2020-12-02Version:1
Title:Security update for ImageMagick (Moderate)
Description:

This update for ImageMagick fixes the following issues:

- CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory() (bsc#1140554). - CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages (bsc#1140520). - CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an error in MagickWand/mogrify.c (bsc#1140501). - CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a wand/mogrify.c error (bsc#1140513). - CVE-2019-13303: Fixed a heap-based buffer over-read in MagickCore/composite.c in CompositeImage (bsc#1140549). - CVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c (bsc#1140665). - CVE-2019-13299: Fixed a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668). - CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in MagickCore/layer.c (bsc#1141171). - CVE-2019-13295: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664). - CVE-2019-13297: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666). - CVE-2019-12979: Fixed the use of uninitialized values in SyncImageSettings() (bsc#1139886). - CVE-2019-13391: Fixed a heap-based buffer over-read in MagickCore/fourier.c (bsc#1140673). - CVE-2019-13308: Fixed a heap-based buffer overflow in MagickCore/fourier.c (bsc#1140534). - CVE-2019-13302: Fixed a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages (bsc#1140552). - CVE-2019-13298: Fixed a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667). - CVE-2019-13300: Fixed a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages (bsc#1140669). - CVE-2019-13307: Fixed a heap-based buffer overflow at MagickCore/statistic.c (bsc#1140538). - CVE-2019-12977: Fixed the use of uninitialized values in WriteJP2Imag() (bsc#1139884). - CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in coders/dpx.c (bsc#1140106). - CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage() (bsc#1140103). - CVE-2019-12978: Fixed the use of uninitialized values in ReadPANGOImage() (bsc#1139885). - CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage() (bsc#1140111). - CVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in WritePNMImage (bsc#1140547). - CVE-2019-13305: Fixed one more stack-based buffer overflow at coders/pnm.c in WritePNMImage (bsc#1140545). - CVE-2019-13306: Fixed an additional stack-based buffer overflow at coders/pnm.c in WritePNMImage (bsc#1140543). - CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100). - CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102). - CVE-2019-13137: Fixed a memory leak in the ReadPSImage() (bsc#1140105). - CVE-2019-13136: Fixed a integer overflow vulnerability in the TIFFSeekCustomStream() (bsc#1140104). - CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in coders/pcl.c(bsc#1140110).
Family:unixClass:patch
Status:Reference(s):1033084
1033085
1033086
1033087
1033088
1033089
1033090
1051510
1055117
1071995
1083647
1083710
1101888
1101889
1103991
1106390
1107066
1107067
1111666
1111973
1112723
1112726
1115015
1115022
1115025
1115375
1118087
1119222
1123080
1123685
1125007
1127034
1127315
1128935
1128937
1129770
1130746
1133021
1133100
1134097
1134390
1134399
1134856
1135335
1135642
1137458
1137534
1137535
1137584
1137609
1137827
1137835
1139358
1139884
1139885
1139886
1140100
1140102
1140103
1140104
1140105
1140106
1140110
1140111
1140133
1140139
1140322
1140461
1140501
1140513
1140520
1140534
1140538
1140543
1140545
1140547
1140549
1140552
1140554
1140652
1140664
1140665
1140666
1140667
1140668
1140669
1140673
1140868
1140887
1140888
1140889
1140891
1140893
1140903
1140945
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1141171
1141401
1141402
1141452
1141453
1141454
1141478
1141780
1141781
1141782
1141783
1141784
1141785
1141787
1141788
1141789
1142023
1142112
1142220
1142221
1142265
1142350
1142351
1142354
1142359
1142450
1142701
1142868
1143003
1143105
1143185
1143189
1143191
1143507
1145383
1145575
1145579
1145580
1145582
1145738
1145739
1145740
1145741
1145742
1153102
CVE-2017-7607
CVE-2017-7608
CVE-2017-7609
CVE-2017-7610
CVE-2017-7611
CVE-2017-7612
CVE-2017-7613
CVE-2018-14394
CVE-2018-14395
CVE-2018-16062
CVE-2018-16402
CVE-2018-16403
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
CVE-2018-16868
CVE-2018-18310
CVE-2018-18520
CVE-2018-18521
CVE-2018-20855
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10097
CVE-2019-10098
CVE-2019-1125
CVE-2019-11709
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11715
CVE-2019-11717
CVE-2019-11719
CVE-2019-11729
CVE-2019-11730
CVE-2019-11810
CVE-2019-12779
CVE-2019-12974
CVE-2019-12975
CVE-2019-12976
CVE-2019-12977
CVE-2019-12978
CVE-2019-12979
CVE-2019-13133
CVE-2019-13134
CVE-2019-13135
CVE-2019-13136
CVE-2019-13137
CVE-2019-13295
CVE-2019-13296
CVE-2019-13297
CVE-2019-13298
CVE-2019-13299
CVE-2019-13300
CVE-2019-13301
CVE-2019-13302
CVE-2019-13303
CVE-2019-13304
CVE-2019-13305
CVE-2019-13306
CVE-2019-13307
CVE-2019-13308
CVE-2019-13309
CVE-2019-13310
CVE-2019-13311
CVE-2019-13391
CVE-2019-13454
CVE-2019-13631
CVE-2019-13648
CVE-2019-14283
CVE-2019-14284
CVE-2019-14806
CVE-2019-17113
CVE-2019-2745
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-2818
CVE-2019-2821
CVE-2019-7150
CVE-2019-7317
CVE-2019-7665
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
CVE-2019-9517
CVE-2019-9704
CVE-2019-9705
CVE-2019-9811
SUSE-SU-2019:1299-2
SUSE-SU-2019:1351-2
SUSE-SU-2019:1389-2
SUSE-SU-2019:1486-1
SUSE-SU-2019:1791-1
SUSE-SU-2019:1869-1
SUSE-SU-2019:2002-1
SUSE-SU-2019:2068-1
SUSE-SU-2019:2106-1
SUSE-SU-2019:2237-1
SUSE-SU-2019:2309-1
SUSE-SU-2019:2365-1
SUSE-SU-2019:2622-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND Package Information
  • openstack-cinder-2014.2.3.dev13-1 is installed
  • OR openstack-cinder-volume-2014.2.3.dev13-1 is installed
  • OR python-cinder-2014.2.3.dev13-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND argyllcms-1.6.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • accountsservice-0.6.35-3 is installed
  • OR accountsservice-lang-0.6.35-3 is installed
  • OR libaccountsservice0-0.6.35-3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libdcerpc-atsvc0-4.2.4-28.21 is installed
  • OR samba-4.2.4-28.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • vorbis-tools-1.4.0-26 is installed
  • OR vorbis-tools-lang-1.4.0-26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.4.73-5 is installed
  • OR dlm-kmp-default-4.4.73-5 is installed
  • OR gfs2-kmp-default-4.4.73-5 is installed
  • OR ocfs2-kmp-default-4.4.73-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-94.41 is installed
  • OR dlm-kmp-default-4.12.14-94.41 is installed
  • OR gfs2-kmp-default-4.12.14-94.41 is installed
  • OR ocfs2-kmp-default-4.12.14-94.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • glib2-2.54.3-4.7 is installed
  • OR glib2-devel-32bit-2.54.3-4.7 is installed
  • OR glib2-tools-32bit-2.54.3-4.7 is installed
  • OR libgthread-2_0-0-32bit-2.54.3-4.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
  • AND facter-2.0.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND docker-1.6.2-31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.67 is installed
  • OR ImageMagick-config-7-SUSE-7.0.7.34-3.67 is installed
  • OR ImageMagick-devel-7.0.7.34-3.67 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-3.67 is installed
  • OR libMagick++-devel-7.0.7.34-3.67 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-3.67 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-3.67 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 is installed
  • AND Package Information
  • libmunge2-0.5.13-4.3 is installed
  • OR munge-0.5.13-4.3 is installed
  • OR munge-devel-0.5.13-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • libopenssl0_9_8-0.9.8j-59 is installed
  • OR libopenssl0_9_8-32bit-0.9.8j-59 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.3 is installed
  • OR reiserfs-kmp-default-4.12.14-25.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.212-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_16-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_4-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_4-default-3-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_1-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.17 is installed
  • OR ffmpeg-private-devel-3.4.2-4.17 is installed
  • OR libavcodec57-32bit-3.4.2-4.17 is installed
  • OR libavdevice-devel-3.4.2-4.17 is installed
  • OR libavdevice57-3.4.2-4.17 is installed
  • OR libavdevice57-32bit-3.4.2-4.17 is installed
  • OR libavfilter-devel-3.4.2-4.17 is installed
  • OR libavfilter6-3.4.2-4.17 is installed
  • OR libavfilter6-32bit-3.4.2-4.17 is installed
  • OR libavformat57-32bit-3.4.2-4.17 is installed
  • OR libavresample3-32bit-3.4.2-4.17 is installed
  • OR libavutil55-32bit-3.4.2-4.17 is installed
  • OR libpostproc54-32bit-3.4.2-4.17 is installed
  • OR libswresample2-32bit-3.4.2-4.17 is installed
  • OR libswscale4-32bit-3.4.2-4.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • libfreebl3-hmac-32bit-3.53-3.40 is installed
  • OR libsoftokn3-hmac-32bit-3.53-3.40 is installed
  • OR mozilla-nss-3.53-3.40 is installed
  • OR mozilla-nss-sysinit-32bit-3.53-3.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.16 is installed
  • OR kernel-azure-base-4.12.14-5.16 is installed
  • OR kernel-azure-devel-4.12.14-5.16 is installed
  • OR kernel-devel-azure-4.12.14-5.16 is installed
  • OR kernel-source-azure-4.12.14-5.16 is installed
  • OR kernel-syms-azure-4.12.14-5.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • cloud-init-19.2-8.11 is installed
  • OR cloud-init-config-suse-19.2-8.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-requests-2.20.1-6.3 is installed
  • OR python2-requests-2.20.1-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • rsyslog-8.33.1-3.3 is installed
  • OR rsyslog-module-gssapi-8.33.1-3.3 is installed
  • OR rsyslog-module-mysql-8.33.1-3.3 is installed
  • OR rsyslog-module-pgsql-8.33.1-3.3 is installed
  • OR rsyslog-module-relp-8.33.1-3.3 is installed
  • OR rsyslog-module-snmp-8.33.1-3.3 is installed
  • OR rsyslog-module-udpspoof-8.33.1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • nginx-1.14.2-6.3 is installed
  • OR nginx-source-1.14.2-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • MozillaFirefox-31.1.0esr-1 is installed
  • OR MozillaFirefox-translations-31.1.0esr-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND unzip-6.00-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND ppp-devel-2.4.7-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND Package Information
  • xen-4.5.2_02-4.1 is installed
  • OR xen-devel-4.5.2_02-4.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND libsndfile-devel-1.0.25-25.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.6 is installed
  • OR libvncclient0-0.9.10-4.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-68.1.1-3.51 is installed
  • OR MozillaThunderbird-translations-common-68.1.1-3.51 is installed
  • OR MozillaThunderbird-translations-other-68.1.1-3.51 is installed
    • BACK