Oval Definition:oval:org.opensuse.security:def:51219
Revision Date:2020-12-01Version:1
Title:Security update for ImageMagick (Moderate)
Description:

This update for ImageMagick fixes the following issues:

Security issues fixed:

- CVE-2019-11472: Fixed a denial-of-service in ReadXWDImage() (bsc#1133204). - CVE-2019-11470: Fixed a denial-of-service in ReadCINImage() (bsc#1133205). - CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage() (bsc#1133498). - CVE-2019-11505: Fixed a heap-based buffer overflow in the WritePDBImage() (bsc#1133501). - CVE-2019-11598: Fixed a heap-based buffer overread in WritePNMImage() (bsc#1136732)

We also now disable PCL in the -SUSE configuration, as it also uses ghostscript for decoding (bsc#1136183)

Family:unixClass:patch
Status:Reference(s):1012382
1031392
1051510
1055120
1061840
1065729
1082519
1085030
1090078
1094244
1098782
1101669
1102495
1103269
1103405
1103587
1103636
1104888
1105190
1105795
1106105
1106240
1106948
1107783
1107829
1107832
1107928
1107947
1108096
1108170
1108281
1108323
1108399
1108823
1109244
1109333
1109336
1109337
1109603
1109806
1109859
1109979
1109992
1110006
1110233
1110301
1110363
1110639
1110642
1110643
1110644
1110645
1110646
1110647
1110649
1110650
1111331
1119454
1125401
1125721
1126455
1129622
1130675
1133204
1133205
1133498
1133501
1136183
1136732
1144502
1153108
1156317
1157770
1159913
1160611
1160612
1160613
1160614
1160615
1165631
1169063
1169740
1171355
1171899
1172651
1173334
1173606
1174157
1175476
992038
CVE-2008-3825
CVE-2009-0696
CVE-2009-1384
CVE-2009-4022
CVE-2010-3613
CVE-2010-3614
CVE-2010-3615
CVE-2011-0414
CVE-2011-1907
CVE-2011-1910
CVE-2011-2464
CVE-2011-3172
CVE-2011-4313
CVE-2012-1667
CVE-2012-3817
CVE-2012-3868
CVE-2012-4244
CVE-2012-5166
CVE-2012-5688
CVE-2012-5689
CVE-2013-2266
CVE-2013-4854
CVE-2014-0591
CVE-2014-3467
CVE-2014-3468
CVE-2014-3469
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-14633
CVE-2018-17182
CVE-2018-20815
CVE-2018-8956
CVE-2019-10220
CVE-2019-11091
CVE-2019-11470
CVE-2019-11472
CVE-2019-11505
CVE-2019-11506
CVE-2019-11598
CVE-2019-13233
CVE-2019-14562
CVE-2019-15239
CVE-2019-2126
CVE-2019-3812
CVE-2019-5108
CVE-2019-8934
CVE-2019-9232
CVE-2019-9325
CVE-2019-9371
CVE-2019-9433
CVE-2019-9824
CVE-2020-11647
CVE-2020-11868
CVE-2020-13164
CVE-2020-13817
CVE-2020-14556
CVE-2020-14562
CVE-2020-14573
CVE-2020-14577
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-15025
CVE-2020-15466
CVE-2020-1749
SUSE-SU-2018:3159-1
SUSE-SU-2018:3272-1
SUSE-SU-2019:1239-1
SUSE-SU-2019:1523-1
SUSE-SU-2019:2232-1
SUSE-SU-2019:3215-1
SUSE-SU-2020:0143-1
SUSE-SU-2020:1823-1
SUSE-SU-2020:2143-1
SUSE-SU-2020:2144-1
SUSE-SU-2020:2691-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP2
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-31.8.0esr-0.13 is installed
  • OR MozillaFirefox-translations-31.8.0esr-0.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • bind-libs-9.9.5P1-1 is installed
  • OR bind-libs-32bit-9.9.5P1-1 is installed
  • OR bind-utils-9.9.5P1-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libXrandr2-1.4.2-3 is installed
  • OR libXrandr2-32bit-1.4.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libdcerpc-binding0-4.4.2-29 is installed
  • OR libdcerpc-binding0-32bit-4.4.2-29 is installed
  • OR libdcerpc0-4.4.2-29 is installed
  • OR libdcerpc0-32bit-4.4.2-29 is installed
  • OR libndr-krb5pac0-4.4.2-29 is installed
  • OR libndr-krb5pac0-32bit-4.4.2-29 is installed
  • OR libndr-nbt0-4.4.2-29 is installed
  • OR libndr-nbt0-32bit-4.4.2-29 is installed
  • OR libndr-standard0-4.4.2-29 is installed
  • OR libndr-standard0-32bit-4.4.2-29 is installed
  • OR libndr0-4.4.2-29 is installed
  • OR libndr0-32bit-4.4.2-29 is installed
  • OR libnetapi0-4.4.2-29 is installed
  • OR libnetapi0-32bit-4.4.2-29 is installed
  • OR libsamba-credentials0-4.4.2-29 is installed
  • OR libsamba-credentials0-32bit-4.4.2-29 is installed
  • OR libsamba-errors0-4.4.2-29 is installed
  • OR libsamba-errors0-32bit-4.4.2-29 is installed
  • OR libsamba-hostconfig0-4.4.2-29 is installed
  • OR libsamba-hostconfig0-32bit-4.4.2-29 is installed
  • OR libsamba-passdb0-4.4.2-29 is installed
  • OR libsamba-passdb0-32bit-4.4.2-29 is installed
  • OR libsamba-util0-4.4.2-29 is installed
  • OR libsamba-util0-32bit-4.4.2-29 is installed
  • OR libsamdb0-4.4.2-29 is installed
  • OR libsamdb0-32bit-4.4.2-29 is installed
  • OR libsmbclient0-4.4.2-29 is installed
  • OR libsmbclient0-32bit-4.4.2-29 is installed
  • OR libsmbconf0-4.4.2-29 is installed
  • OR libsmbconf0-32bit-4.4.2-29 is installed
  • OR libsmbldap0-4.4.2-29 is installed
  • OR libsmbldap0-32bit-4.4.2-29 is installed
  • OR libtevent-util0-4.4.2-29 is installed
  • OR libtevent-util0-32bit-4.4.2-29 is installed
  • OR libwbclient0-4.4.2-29 is installed
  • OR libwbclient0-32bit-4.4.2-29 is installed
  • OR samba-4.4.2-29 is installed
  • OR samba-client-4.4.2-29 is installed
  • OR samba-client-32bit-4.4.2-29 is installed
  • OR samba-doc-4.4.2-29 is installed
  • OR samba-libs-4.4.2-29 is installed
  • OR samba-libs-32bit-4.4.2-29 is installed
  • OR samba-winbind-4.4.2-29 is installed
  • OR samba-winbind-32bit-4.4.2-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • glib2-lang-2.48.2-10 is installed
  • OR glib2-tools-2.48.2-10 is installed
  • OR libgio-2_0-0-2.48.2-10 is installed
  • OR libgio-2_0-0-32bit-2.48.2-10 is installed
  • OR libgio-fam-2.48.2-10 is installed
  • OR libglib-2_0-0-2.48.2-10 is installed
  • OR libglib-2_0-0-32bit-2.48.2-10 is installed
  • OR libgmodule-2_0-0-2.48.2-10 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-10 is installed
  • OR libgobject-2_0-0-2.48.2-10 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-10 is installed
  • OR libgthread-2_0-0-2.48.2-10 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • bash-4.3-83.15 is installed
  • OR bash-doc-4.3-83.15 is installed
  • OR bash-lang-4.3-83.15 is installed
  • OR libreadline6-6.3-83.15 is installed
  • OR libreadline6-32bit-6.3-83.15 is installed
  • OR readline-doc-6.3-83.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.61 is installed
  • OR ImageMagick-config-7-SUSE-7.0.7.34-3.61 is installed
  • OR ImageMagick-devel-7.0.7.34-3.61 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-3.61 is installed
  • OR libMagick++-devel-7.0.7.34-3.61 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-3.61 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-3.61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.22 is installed
  • OR reiserfs-kmp-default-4.12.14-25.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP2 is installed
  • AND ntp-4.2.8p15-4.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_3-default-5-2 is installed
  • OR kernel-livepatch-SLE15_Update_1-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_7-default-3-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_2-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • qemu-2.11.2-9.25 is installed
  • OR qemu-arm-2.11.2-9.25 is installed
  • OR qemu-block-curl-2.11.2-9.25 is installed
  • OR qemu-block-iscsi-2.11.2-9.25 is installed
  • OR qemu-block-rbd-2.11.2-9.25 is installed
  • OR qemu-block-ssh-2.11.2-9.25 is installed
  • OR qemu-guest-agent-2.11.2-9.25 is installed
  • OR qemu-ipxe-1.0.0+-9.25 is installed
  • OR qemu-kvm-2.11.2-9.25 is installed
  • OR qemu-lang-2.11.2-9.25 is installed
  • OR qemu-ppc-2.11.2-9.25 is installed
  • OR qemu-s390-2.11.2-9.25 is installed
  • OR qemu-seabios-1.11.0-9.25 is installed
  • OR qemu-sgabios-8-9.25 is installed
  • OR qemu-vgabios-1.11.0-9.25 is installed
  • OR qemu-x86-2.11.2-9.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • ovmf-201911-7.5 is installed
  • OR ovmf-tools-201911-7.5 is installed
  • OR qemu-ovmf-x86_64-201911-7.5 is installed
  • OR qemu-uefi-aarch64-201911-7.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-7 is installed
  • OR cyrus-sasl-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-otp-2.1.26-7 is installed
  • OR cyrus-sasl-otp-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-plain-2.1.26-7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-7 is installed
  • OR cyrus-sasl-sqlauxprop-2.1.26-7 is installed
  • OR cyrus-sasl-sqlauxprop-32bit-2.1.26-7 is installed
  • OR libsasl2-3-2.1.26-7 is installed
  • OR libsasl2-3-32bit-2.1.26-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libspice-server1-0.12.5-10 is installed
  • OR spice-0.12.5-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND clamav-0.99.2-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • dracut-044-113 is installed
  • OR dracut-fips-044-113 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.3.0-109.98 is installed
  • OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • g3utils-1.1.36-58.3 is installed
  • OR mgetty-1.1.36-58.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libvpx-1.6.1-6.3 is installed
  • OR libvpx4-1.6.1-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • java-11-openjdk-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-demo-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-devel-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-headless-11.0.8.0-3.45 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND python-cryptography-2.1.4-3.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.45-38.37 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kafka-0.10.2.2-5.6 is installed
  • OR openstack-monasca-api-2.2.1~dev24-3.6 is installed
  • OR python-monasca-api-2.2.1~dev24-3.6 is installed
    • BACK