Oval Definition:oval:org.opensuse.security:def:51378
Revision Date:2020-12-01Version:1
Title:Security update for ImageMagick (Low)
Description:

This update for ImageMagick fixes the following security issues:

- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858). - CVE-2018-16328: Prevent NULL pointer dereference exists in the CheckEventLogging function leading to DoS (bsc#1106857). - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855) - CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) - CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) - CVE-2018-16641: Prevent memory leak in the TIFFWritePhotoshopLayers function (bsc#1107618). - CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) - CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604)
Family:unixClass:patch
Status:Reference(s):1027282
1029377
1029902
1040164
1042670
1046299
1046303
1046305
1050244
1050536
1050545
1051510
1054914
1055117
1055186
1058115
1061840
1064802
1065600
1065729
1066129
1070853
1071995
1073513
1079761
1081750
1082555
1082635
1083507
1083647
1086001
1086323
1087092
1088004
1088009
1088573
1089644
1090631
1093205
1093536
1094462
1094814
1096254
1097583
1097584
1097585
1097586
1097587
1097588
1098291
1100352
1101674
1104967
1106855
1106857
1106858
1106989
1107030
1107604
1107609
1107612
1107616
1107618
1107619
1107874
1109158
1109663
1109845
1109847
1111666
1112178
1113722
1113994
1114279
1117665
1119086
1119461
1119465
1120644
1122191
1123034
1123080
1127988
1129346
1129715
1130840
1131304
1133140
1133452
1134303
1135642
1135854
1135873
1135967
1137040
1137069
1137526
1137799
1137861
1137865
1137942
1137959
1137982
1138190
1138459
1140090
1140155
1140729
1140845
1140883
1141013
1141600
1141853
1142076
1142635
1142667
1143706
1144338
1144375
1144449
1144903
1145099
1146042
1146519
1146540
1146612
1146664
1148133
1148410
1148712
1148868
1149119
1149121
1149313
1149446
1149555
1149651
1149792
1149841
1149853
1149955
1150305
1150381
1150423
1150452
1150457
1150465
1150846
1150875
1151021
1151067
1151192
1151350
1151490
1151508
1151610
1151661
1151662
1151667
1151680
1151807
1151891
1151955
1152024
1152025
1152026
1152033
1152161
1152187
1152243
1152325
1152457
1152460
1152466
1152525
1152624
1152665
1152685
1152696
1152697
1152788
1152790
1152791
1152972
1152974
1152975
1153112
1153158
1153236
1153238
1153263
1153476
1153509
1153607
1153646
1153681
1153713
1153717
1153718
1153719
1153811
1153969
1154064
1154108
1154189
1154242
1154268
1154354
1154366
1154372
1154521
1154578
1154607
1154608
1154610
1154611
1154651
1154737
1154747
1154848
1154858
1154905
1154956
1155061
1155178
1155179
1155184
1155186
1155671
1159035
1159622
1161883
1165629
1165631
1171988
1172428
1173798
1173998
1174205
1174458
1174757
1175112
1175122
1175128
1175204
1175213
1175515
1175518
1175691
1175992
1176012
1176069
1176072
1176382
1176896
1177513
1177729
1178003
637176
658604
673071
709442
743787
747125
751718
754447
754677
787526
809831
831629
834601
871152
885662
885882
917607
942751
951166
983582
984751
985177
985348
989523
CVE-2002-2443
CVE-2009-0844
CVE-2009-0845
CVE-2009-0846
CVE-2009-0847
CVE-2009-3295
CVE-2009-4212
CVE-2010-0283
CVE-2010-0628
CVE-2010-1320
CVE-2010-1321
CVE-2010-1322
CVE-2010-1323
CVE-2010-1324
CVE-2010-3609
CVE-2010-4020
CVE-2010-4021
CVE-2010-4022
CVE-2011-0281
CVE-2011-0282
CVE-2011-0284
CVE-2011-0285
CVE-2011-1527
CVE-2011-1528
CVE-2011-1529
CVE-2011-1530
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1012
CVE-2012-1013
CVE-2012-1016
CVE-2012-1150
CVE-2013-1415
CVE-2013-1417
CVE-2013-1418
CVE-2013-1752
CVE-2013-1991
CVE-2013-2000
CVE-2013-2001
CVE-2013-4238
CVE-2014-2667
CVE-2014-4341
CVE-2014-4342
CVE-2014-4343
CVE-2014-4344
CVE-2014-4345
CVE-2014-4650
CVE-2014-5351
CVE-2014-5352
CVE-2014-5353
CVE-2014-5354
CVE-2014-5355
CVE-2014-9421
CVE-2014-9422
CVE-2014-9423
CVE-2015-2694
CVE-2015-2695
CVE-2015-2696
CVE-2015-2697
CVE-2016-0772
CVE-2016-1000110
CVE-2016-5636
CVE-2016-5699
CVE-2017-18207
CVE-2017-18595
CVE-2018-1000802
CVE-2018-1060
CVE-2018-1061
CVE-2018-10811
CVE-2018-12207
CVE-2018-13301
CVE-2018-14647
CVE-2018-16151
CVE-2018-16152
CVE-2018-16323
CVE-2018-16328
CVE-2018-16329
CVE-2018-16413
CVE-2018-16640
CVE-2018-16641
CVE-2018-16642
CVE-2018-16643
CVE-2018-16644
CVE-2018-16645
CVE-2018-17540
CVE-2018-20406
CVE-2018-20852
CVE-2018-5388
CVE-2019-10160
CVE-2019-10220
CVE-2019-11135
CVE-2019-12730
CVE-2019-14821
CVE-2019-14835
CVE-2019-15291
CVE-2019-15903
CVE-2019-16056
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16935
CVE-2019-16995
CVE-2019-17056
CVE-2019-17133
CVE-2019-17542
CVE-2019-17666
CVE-2019-5010
CVE-2019-9506
CVE-2019-9636
CVE-2019-9718
CVE-2019-9947
CVE-2020-0430
CVE-2020-0431
CVE-2020-10135
CVE-2020-12351
CVE-2020-13753
CVE-2020-14314
CVE-2020-14331
CVE-2020-14339
CVE-2020-14356
CVE-2020-14381
CVE-2020-14386
CVE-2020-14386
CVE-2020-16166
CVE-2020-1749
CVE-2020-24394
CVE-2020-24394
CVE-2020-25212
CVE-2020-25645
CVE-2020-9802
CVE-2020-9803
CVE-2020-9805
CVE-2020-9806
CVE-2020-9807
CVE-2020-9843
CVE-2020-9850
SUSE-SU-2018:2977-1
SUSE-SU-2019:2710-1
SUSE-SU-2019:2952-1
SUSE-SU-2019:3056-1
SUSE-SU-2019:3184-1
SUSE-SU-2020:0114-1
SUSE-SU-2020:1990-1
SUSE-SU-2020:2269-1
SUSE-SU-2020:2610-1
SUSE-SU-2020:3180-1
SUSE-SU-2020:3441-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • kbd-2.0.4-lp150.6 is installed
  • OR kbd-legacy-2.0.4-lp150.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND kvm-0.15.1-0.27 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.2.1esr-19 is installed
  • OR MozillaFirefox-branding-SLED-31.0-0.12 is installed
  • OR MozillaFirefox-translations-38.2.1esr-19 is installed
  • OR libfreebl3-3.19.2.0-0.16 is installed
  • OR libfreebl3-32bit-3.19.2.0-0.16 is installed
  • OR libsoftokn3-3.19.2.0-0.16 is installed
  • OR libsoftokn3-32bit-3.19.2.0-0.16 is installed
  • OR mozilla-nss-3.19.2.0-0.16 is installed
  • OR mozilla-nss-32bit-3.19.2.0-0.16 is installed
  • OR mozilla-nss-tools-3.19.2.0-0.16 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.577-0.38 is installed
  • OR flash-player-gnome-11.2.202.577-0.38 is installed
  • OR flash-player-kde4-11.2.202.577-0.38 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • openslp-2.0.0-2 is installed
  • OR openslp-32bit-2.0.0-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • krb5-1.12.1-19 is installed
  • OR krb5-32bit-1.12.1-19 is installed
  • OR krb5-client-1.12.1-19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND facter-2.0.2-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • cpio-2.11-35 is installed
  • OR cpio-lang-2.11-35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cracklib-2.9.0-7 is installed
  • OR libcrack2-2.9.0-7 is installed
  • OR libcrack2-32bit-2.9.0-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • strongswan-5.6.0-4.3 is installed
  • OR strongswan-nm-5.6.0-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.24 is installed
  • OR perl-PerlMagick-7.0.7.34-3.24 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_17-default-4-2 is installed
  • OR kernel-livepatch-SLE15_Update_10-4-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.21 is installed
  • OR kernel-default-livepatch-4.12.14-197.21 is installed
  • OR kernel-default-livepatch-devel-4.12.14-197.21 is installed
  • OR kernel-livepatch-4_12_14-197_21-default-1-3.3 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_6-1-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • kernel-azure-4.12.14-8.19 is installed
  • OR kernel-azure-base-4.12.14-8.19 is installed
  • OR kernel-azure-devel-4.12.14-8.19 is installed
  • OR kernel-devel-azure-4.12.14-8.19 is installed
  • OR kernel-source-azure-4.12.14-8.19 is installed
  • OR kernel-syms-azure-4.12.14-8.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • libvirt-6.0.0-13.3 is installed
  • OR libvirt-admin-6.0.0-13.3 is installed
  • OR libvirt-bash-completion-6.0.0-13.3 is installed
  • OR libvirt-client-6.0.0-13.3 is installed
  • OR libvirt-daemon-6.0.0-13.3 is installed
  • OR libvirt-daemon-config-network-6.0.0-13.3 is installed
  • OR libvirt-daemon-config-nwfilter-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-interface-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-libxl-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-lxc-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-network-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-nodedev-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-nwfilter-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-qemu-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-secret-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-core-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-disk-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-iscsi-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-logical-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-mpath-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-rbd-6.0.0-13.3 is installed
  • OR libvirt-daemon-driver-storage-scsi-6.0.0-13.3 is installed
  • OR libvirt-daemon-hooks-6.0.0-13.3 is installed
  • OR libvirt-daemon-lxc-6.0.0-13.3 is installed
  • OR libvirt-daemon-qemu-6.0.0-13.3 is installed
  • OR libvirt-daemon-xen-6.0.0-13.3 is installed
  • OR libvirt-devel-6.0.0-13.3 is installed
  • OR libvirt-doc-6.0.0-13.3 is installed
  • OR libvirt-lock-sanlock-6.0.0-13.3 is installed
  • OR libvirt-nss-6.0.0-13.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND opensc-0.13.0-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • gvim-7.4.326-17.3 is installed
  • OR vim-7.4.326-17.3 is installed
  • OR vim-data-7.4.326-17.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.101-14 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.101-14 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.101-14 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.101-14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • gnutls-3.2.15-18.6 is installed
  • OR libgnutls-openssl27-3.2.15-18.6 is installed
  • OR libgnutls28-3.2.15-18.6 is installed
  • OR libgnutls28-32bit-3.2.15-18.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_nss-1.0.14-18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND gdb-8.3.1-2.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND ant-1.9.4-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libldap-2_4-2-2.4.41-18.40 is installed
  • OR libldap-2_4-2-32bit-2.4.41-18.40 is installed
  • OR openldap2-2.4.41-18.40 is installed
  • OR openldap2-back-meta-2.4.41-18.40 is installed
  • OR openldap2-client-2.4.41-18.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • kernel-default-4.12.14-150.58 is installed
  • OR kernel-default-base-4.12.14-150.58 is installed
  • OR kernel-default-devel-4.12.14-150.58 is installed
  • OR kernel-default-man-4.12.14-150.58 is installed
  • OR kernel-devel-4.12.14-150.58 is installed
  • OR kernel-docs-4.12.14-150.58 is installed
  • OR kernel-macros-4.12.14-150.58 is installed
  • OR kernel-obs-build-4.12.14-150.58 is installed
  • OR kernel-source-4.12.14-150.58 is installed
  • OR kernel-syms-4.12.14-150.58 is installed
  • OR kernel-vanilla-4.12.14-150.58 is installed
  • OR kernel-vanilla-base-4.12.14-150.58 is installed
  • OR kernel-zfcpdump-4.12.14-150.58 is installed
  • OR reiserfs-kmp-default-4.12.14-150.58 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.3-3.57 is installed
  • OR libwebkit2gtk-4_0-37-2.28.3-3.57 is installed
  • OR libwebkit2gtk3-lang-2.28.3-3.57 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.3-3.57 is installed
  • OR webkit2gtk3-2.28.3-3.57 is installed
  • OR webkit2gtk3-devel-2.28.3-3.57 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.27 is installed
  • OR libavcodec-devel-3.4.2-4.27 is installed
  • OR libavformat-devel-3.4.2-4.27 is installed
  • OR libavformat57-3.4.2-4.27 is installed
  • OR libavresample-devel-3.4.2-4.27 is installed
  • OR libavresample3-3.4.2-4.27 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND binutils-2.32-9.33 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed
  • OR rubygem-activejob-4_2-4.2.9-3.6 is installed
  • BACK