Oval Definition:	oval:org.opensuse.security:def:51378
Revision Date: 2020-12-01 Version: 1 Title: Security update for ImageMagick (Low) Description: This update for ImageMagick fixes the following security issues: - CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858). - CVE-2018-16328: Prevent NULL pointer dereference exists in the CheckEventLogging function leading to DoS (bsc#1106857). - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855) - CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) - CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) - CVE-2018-16641: Prevent memory leak in the TIFFWritePhotoshopLayers function (bsc#1107618). - CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) - CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604) Family: unix Class: patch Status: Reference(s): 1027282 1029377 1029902 1040164 1042670 1046299 1046303 1046305 1050244 1050536 1050545 1051510 1054914 1055117 1055186 1058115 1061840 1064802 1065600 1065729 1066129 1070853 1071995 1073513 1079761 1081750 1082555 1082635 1083507 1083647 1086001 1086323 1087092 1088004 1088009 1088573 1089644 1090631 1093205 1093536 1094462 1094814 1096254 1097583 1097584 1097585 1097586 1097587 1097588 1098291 1100352 1101674 1104967 1106855 1106857 1106858 1106989 1107030 1107604 1107609 1107612 1107616 1107618 1107619 1107874 1109158 1109663 1109845 1109847 1111666 1112178 1113722 1113994 1114279 1117665 1119086 1119461 1119465 1120644 1122191 1123034 1123080 1127988 1129346 1129715 1130840 1131304 1133140 1133452 1134303 1135642 1135854 1135873 1135967 1137040 1137069 1137526 1137799 1137861 1137865 1137942 1137959 1137982 1138190 1138459 1140090 1140155 1140729 1140845 1140883 1141013 1141600 1141853 1142076 1142635 1142667 1143706 1144338 1144375 1144449 1144903 1145099 1146042 1146519 1146540 1146612 1146664 1148133 1148410 1148712 1148868 1149119 1149121 1149313 1149446 1149555 1149651 1149792 1149841 1149853 1149955 1150305 1150381 1150423 1150452 1150457 1150465 1150846 1150875 1151021 1151067 1151192 1151350 1151490 1151508 1151610 1151661 1151662 1151667 1151680 1151807 1151891 1151955 1152024 1152025 1152026 1152033 1152161 1152187 1152243 1152325 1152457 1152460 1152466 1152525 1152624 1152665 1152685 1152696 1152697 1152788 1152790 1152791 1152972 1152974 1152975 1153112 1153158 1153236 1153238 1153263 1153476 1153509 1153607 1153646 1153681 1153713 1153717 1153718 1153719 1153811 1153969 1154064 1154108 1154189 1154242 1154268 1154354 1154366 1154372 1154521 1154578 1154607 1154608 1154610 1154611 1154651 1154737 1154747 1154848 1154858 1154905 1154956 1155061 1155178 1155179 1155184 1155186 1155671 1159035 1159622 1161883 1165629 1165631 1171988 1172428 1173798 1173998 1174205 1174458 1174757 1175112 1175122 1175128 1175204 1175213 1175515 1175518 1175691 1175992 1176012 1176069 1176072 1176382 1176896 1177513 1177729 1178003 637176 658604 673071 709442 743787 747125 751718 754447 754677 787526 809831 831629 834601 871152 885662 885882 917607 942751 951166 983582 984751 985177 985348 989523 CVE-2002-2443 CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 CVE-2009-0847 CVE-2009-3295 CVE-2009-4212 CVE-2010-0283 CVE-2010-0628 CVE-2010-1320 CVE-2010-1321 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2010-3609 CVE-2010-4020 CVE-2010-4021 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 CVE-2011-0284 CVE-2011-0285 CVE-2011-1527 CVE-2011-1528 CVE-2011-1529 CVE-2011-1530 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1012 CVE-2012-1013 CVE-2012-1016 CVE-2012-1150 CVE-2013-1415 CVE-2013-1417 CVE-2013-1418 CVE-2013-1752 CVE-2013-1991 CVE-2013-2000 CVE-2013-2001 CVE-2013-4238 CVE-2014-2667 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-4650 CVE-2014-5351 CVE-2014-5352 CVE-2014-5353 CVE-2014-5354 CVE-2014-5355 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 CVE-2015-2694 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2016-0772 CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699 CVE-2017-18207 CVE-2017-18595 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061 CVE-2018-10811 CVE-2018-12207 CVE-2018-13301 CVE-2018-14647 CVE-2018-16151 CVE-2018-16152 CVE-2018-16323 CVE-2018-16328 CVE-2018-16329 CVE-2018-16413 CVE-2018-16640 CVE-2018-16641 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645 CVE-2018-17540 CVE-2018-20406 CVE-2018-20852 CVE-2018-5388 CVE-2019-10160 CVE-2019-10220 CVE-2019-11135 CVE-2019-12730 CVE-2019-14821 CVE-2019-14835 CVE-2019-15291 CVE-2019-15903 CVE-2019-16056 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16935 CVE-2019-16995 CVE-2019-17056 CVE-2019-17133 CVE-2019-17542 CVE-2019-17666 CVE-2019-5010 CVE-2019-9506 CVE-2019-9636 CVE-2019-9718 CVE-2019-9947 CVE-2020-0430 CVE-2020-0431 CVE-2020-10135 CVE-2020-12351 CVE-2020-13753 CVE-2020-14314 CVE-2020-14331 CVE-2020-14339 CVE-2020-14356 CVE-2020-14381 CVE-2020-14386 CVE-2020-14386 CVE-2020-16166 CVE-2020-1749 CVE-2020-24394 CVE-2020-24394 CVE-2020-25212 CVE-2020-25645 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 SUSE-SU-2018:2977-1 SUSE-SU-2019:2710-1 SUSE-SU-2019:2952-1 SUSE-SU-2019:3056-1 SUSE-SU-2019:3184-1 SUSE-SU-2020:0114-1 SUSE-SU-2020:1990-1 SUSE-SU-2020:2269-1 SUSE-SU-2020:2610-1 SUSE-SU-2020:3180-1 SUSE-SU-2020:3441-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kbd-2.0.4-lp150.6 is installed OR kbd-legacy-2.0.4-lp150.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND kvm-0.15.1-0.27 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-38.2.1esr-19 is installed OR MozillaFirefox-branding-SLED-31.0-0.12 is installed OR MozillaFirefox-translations-38.2.1esr-19 is installed OR libfreebl3-3.19.2.0-0.16 is installed OR libfreebl3-32bit-3.19.2.0-0.16 is installed OR libsoftokn3-3.19.2.0-0.16 is installed OR libsoftokn3-32bit-3.19.2.0-0.16 is installed OR mozilla-nss-3.19.2.0-0.16 is installed OR mozilla-nss-32bit-3.19.2.0-0.16 is installed OR mozilla-nss-tools-3.19.2.0-0.16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.577-0.38 is installed OR flash-player-gnome-11.2.202.577-0.38 is installed OR flash-player-kde4-11.2.202.577-0.38 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information openslp-2.0.0-2 is installed OR openslp-32bit-2.0.0-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information krb5-1.12.1-19 is installed OR krb5-32bit-1.12.1-19 is installed OR krb5-client-1.12.1-19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND facter-2.0.2-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information strongswan-5.6.0-4.3 is installed OR strongswan-nm-5.6.0-4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information ImageMagick-7.0.7.34-3.24 is installed OR perl-PerlMagick-7.0.7.34-3.24 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_17-default-4-2 is installed OR kernel-livepatch-SLE15_Update_10-4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.21 is installed OR kernel-default-livepatch-4.12.14-197.21 is installed OR kernel-default-livepatch-devel-4.12.14-197.21 is installed OR kernel-livepatch-4_12_14-197_21-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_6-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.19 is installed OR kernel-azure-base-4.12.14-8.19 is installed OR kernel-azure-devel-4.12.14-8.19 is installed OR kernel-devel-azure-4.12.14-8.19 is installed OR kernel-source-azure-4.12.14-8.19 is installed OR kernel-syms-azure-4.12.14-8.19 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libvirt-6.0.0-13.3 is installed OR libvirt-admin-6.0.0-13.3 is installed OR libvirt-bash-completion-6.0.0-13.3 is installed OR libvirt-client-6.0.0-13.3 is installed OR libvirt-daemon-6.0.0-13.3 is installed OR libvirt-daemon-config-network-6.0.0-13.3 is installed OR libvirt-daemon-config-nwfilter-6.0.0-13.3 is installed OR libvirt-daemon-driver-interface-6.0.0-13.3 is installed OR libvirt-daemon-driver-libxl-6.0.0-13.3 is installed OR libvirt-daemon-driver-lxc-6.0.0-13.3 is installed OR libvirt-daemon-driver-network-6.0.0-13.3 is installed OR libvirt-daemon-driver-nodedev-6.0.0-13.3 is installed OR libvirt-daemon-driver-nwfilter-6.0.0-13.3 is installed OR libvirt-daemon-driver-qemu-6.0.0-13.3 is installed OR libvirt-daemon-driver-secret-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-core-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-disk-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-iscsi-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-logical-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-mpath-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-rbd-6.0.0-13.3 is installed OR libvirt-daemon-driver-storage-scsi-6.0.0-13.3 is installed OR libvirt-daemon-hooks-6.0.0-13.3 is installed OR libvirt-daemon-lxc-6.0.0-13.3 is installed OR libvirt-daemon-qemu-6.0.0-13.3 is installed OR libvirt-daemon-xen-6.0.0-13.3 is installed OR libvirt-devel-6.0.0-13.3 is installed OR libvirt-doc-6.0.0-13.3 is installed OR libvirt-lock-sanlock-6.0.0-13.3 is installed OR libvirt-nss-6.0.0-13.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND opensc-0.13.0-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information gvim-7.4.326-17.3 is installed OR vim-7.4.326-17.3 is installed OR vim-data-7.4.326-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information java-1_8_0-openjdk-1.8.0.101-14 is installed OR java-1_8_0-openjdk-demo-1.8.0.101-14 is installed OR java-1_8_0-openjdk-devel-1.8.0.101-14 is installed OR java-1_8_0-openjdk-headless-1.8.0.101-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND gdb-8.3.1-2.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND ant-1.9.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libldap-2_4-2-2.4.41-18.40 is installed OR libldap-2_4-2-32bit-2.4.41-18.40 is installed OR openldap2-2.4.41-18.40 is installed OR openldap2-back-meta-2.4.41-18.40 is installed OR openldap2-client-2.4.41-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information kernel-default-4.12.14-150.58 is installed OR kernel-default-base-4.12.14-150.58 is installed OR kernel-default-devel-4.12.14-150.58 is installed OR kernel-default-man-4.12.14-150.58 is installed OR kernel-devel-4.12.14-150.58 is installed OR kernel-docs-4.12.14-150.58 is installed OR kernel-macros-4.12.14-150.58 is installed OR kernel-obs-build-4.12.14-150.58 is installed OR kernel-source-4.12.14-150.58 is installed OR kernel-syms-4.12.14-150.58 is installed OR kernel-vanilla-4.12.14-150.58 is installed OR kernel-vanilla-base-4.12.14-150.58 is installed OR kernel-zfcpdump-4.12.14-150.58 is installed OR reiserfs-kmp-default-4.12.14-150.58 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.3-3.57 is installed OR libwebkit2gtk-4_0-37-2.28.3-3.57 is installed OR libwebkit2gtk3-lang-2.28.3-3.57 is installed OR webkit2gtk-4_0-injected-bundles-2.28.3-3.57 is installed OR webkit2gtk3-2.28.3-3.57 is installed OR webkit2gtk3-devel-2.28.3-3.57 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information ffmpeg-3.4.2-4.27 is installed OR libavcodec-devel-3.4.2-4.27 is installed OR libavformat-devel-3.4.2-4.27 is installed OR libavformat57-3.4.2-4.27 is installed OR libavresample-devel-3.4.2-4.27 is installed OR libavresample3-3.4.2-4.27 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed OR rubygem-activejob-4_2-4.2.9-3.6 is installed
BACK