Oval Definition:	oval:org.opensuse.security:def:5399
Revision Date: 2021-01-18 Version: 1 Title: Security update for ImageMagick (Moderate) Description: This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed a division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27756: Fixed a division by zero at MagickCore/geometry.c (bsc#1179221). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27758: Fixed an outside the range of representable values of type 'unsigned long long' (bsc#1179276). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362). - CVE-2020-29599: Fixed a shell command injection in -authenticate (bsc#1179753). Family: unix Class: patch Status: Reference(s): 1168930 1178666 1178667 1178668 1179103 1179202 1179208 1179212 1179221 1179223 1179240 1179244 1179260 1179268 1179269 1179276 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321 1179322 1179327 1179333 1179336 1179338 1179339 1179343 1179345 1179346 1179347 1179361 1179362 1179397 1179753 CVE-2002-2443 CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 CVE-2009-0847 CVE-2009-3295 CVE-2009-4212 CVE-2010-0283 CVE-2010-0407 CVE-2010-0628 CVE-2010-1320 CVE-2010-1321 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2010-4020 CVE-2010-4021 CVE-2010-4022 CVE-2010-4531 CVE-2011-0281 CVE-2011-0282 CVE-2011-0284 CVE-2011-0285 CVE-2011-1527 CVE-2011-1528 CVE-2011-1529 CVE-2011-1530 CVE-2011-1946 CVE-2011-2895 CVE-2011-3146 CVE-2011-3177 CVE-2012-1012 CVE-2012-1013 CVE-2012-1016 CVE-2012-2396 CVE-2012-2812 CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 CVE-2013-1415 CVE-2013-1417 CVE-2013-1418 CVE-2013-1881 CVE-2013-1984 CVE-2013-1991 CVE-2013-1995 CVE-2013-1998 CVE-2013-2000 CVE-2013-6462 CVE-2014-0011 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2014-2524 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5351 CVE-2014-5352 CVE-2014-5353 CVE-2014-5354 CVE-2014-5355 CVE-2014-6271 CVE-2014-6272 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2014-8240 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 CVE-2015-0255 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-2694 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2020-19667 CVE-2020-25664 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-27750 CVE-2020-27751 CVE-2020-27752 CVE-2020-27753 CVE-2020-27754 CVE-2020-27755 CVE-2020-27756 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 CVE-2020-29599 CVE-2020-5260 SUSE-SU-2020:0991-1 SUSE-SU-2020:3455-1 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise for SAP 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-2.4.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND libssh2-1-1.2.9-4.2.4.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.577-0.38.1 is installed OR flash-player-gnome-11.2.202.577-0.38.1 is installed OR flash-player-kde4-11.2.202.577-0.38.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information krb5-1.12.1-19 is installed OR krb5-32bit-1.12.1-19 is installed OR krb5-client-1.12.1-19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bash-4.3-78 is installed OR bash-doc-4.3-78 is installed OR bash-lang-4.3-78 is installed OR libreadline6-6.3-78 is installed OR libreadline6-32bit-6.3-78 is installed OR readline-doc-6.3-78 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND autofs-5.0.9-27 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information ceph-common-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR libcephfs2-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR librados2-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR libradosstriper1-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR librbd1-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR librgw2-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR python-cephfs-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR python-rados-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR python-rbd-12.2.8+git.1536505967.080f2248ff-2.15 is installed OR python-rgw-12.2.8+git.1536505967.080f2248ff-2.15 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information compat-libldap-2_3-0-2.3.37-16.1 is installed OR openldap2-2.4.39-16.1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-94.1 is installed OR libopenssl0_9_8-0.9.8j-94.1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP2 is installed AND Package Information compat-openssl098-0.9.8j-105.1 is installed OR libopenssl0_9_8-0.9.8j-105.1 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information audiofile-0.3.6-11.3 is installed OR libaudiofile1-0.3.6-11.3 is installed OR libaudiofile1-32bit-0.3.6-11.3 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_57-60_35-default-9-2 is installed OR kgraft-patch-3_12_57-60_35-xen-9-2 is installed OR kgraft-patch-SLE12-SP1_Update_4-9-2 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_3-default-1-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_1-1-2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.8.5-15.3.3 is installed OR puppet-server-3.8.5-15.3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.8.3-49.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.2-8.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.44-52.10.1 is installed OR kernel-ec2-devel-3.12.44-52.10.1 is installed OR kernel-ec2-extra-3.12.44-52.10.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-15.1 is installed OR php5-5.5.14-15.1 is installed OR php5-bcmath-5.5.14-15.1 is installed OR php5-bz2-5.5.14-15.1 is installed OR php5-calendar-5.5.14-15.1 is installed OR php5-ctype-5.5.14-15.1 is installed OR php5-curl-5.5.14-15.1 is installed OR php5-dba-5.5.14-15.1 is installed OR php5-dom-5.5.14-15.1 is installed OR php5-enchant-5.5.14-15.1 is installed OR php5-exif-5.5.14-15.1 is installed OR php5-fastcgi-5.5.14-15.1 is installed OR php5-fileinfo-5.5.14-15.1 is installed OR php5-fpm-5.5.14-15.1 is installed OR php5-ftp-5.5.14-15.1 is installed OR php5-gd-5.5.14-15.1 is installed OR php5-gettext-5.5.14-15.1 is installed OR php5-gmp-5.5.14-15.1 is installed OR php5-iconv-5.5.14-15.1 is installed OR php5-intl-5.5.14-15.1 is installed OR php5-json-5.5.14-15.1 is installed OR php5-ldap-5.5.14-15.1 is installed OR php5-mbstring-5.5.14-15.1 is installed OR php5-mcrypt-5.5.14-15.1 is installed OR php5-mysql-5.5.14-15.1 is installed OR php5-odbc-5.5.14-15.1 is installed OR php5-openssl-5.5.14-15.1 is installed OR php5-pcntl-5.5.14-15.1 is installed OR php5-pdo-5.5.14-15.1 is installed OR php5-pear-5.5.14-15.1 is installed OR php5-pgsql-5.5.14-15.1 is installed OR php5-pspell-5.5.14-15.1 is installed OR php5-shmop-5.5.14-15.1 is installed OR php5-snmp-5.5.14-15.1 is installed OR php5-soap-5.5.14-15.1 is installed OR php5-sockets-5.5.14-15.1 is installed OR php5-sqlite-5.5.14-15.1 is installed OR php5-suhosin-5.5.14-15.1 is installed OR php5-sysvmsg-5.5.14-15.1 is installed OR php5-sysvsem-5.5.14-15.1 is installed OR php5-sysvshm-5.5.14-15.1 is installed OR php5-tokenizer-5.5.14-15.1 is installed OR php5-wddx-5.5.14-15.1 is installed OR php5-xmlreader-5.5.14-15.1 is installed OR php5-xmlrpc-5.5.14-15.1 is installed OR php5-xmlwriter-5.5.14-15.1 is installed OR php5-xsl-5.5.14-15.1 is installed OR php5-zip-5.5.14-15.1 is installed OR php5-zlib-5.5.14-15.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information gnome-screensaver-2.24.0-14.27.1 is installed OR gnome-screensaver-lang-2.24.0-14.27.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information Mesa-9.0.3-0.17.1 is installed OR Mesa-32bit-9.0.3-0.17.1 is installed OR Mesa-x86-9.0.3-0.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information strongswan-4.4.0-6.25.1 is installed OR strongswan-doc-4.4.0-6.25.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND autofs-5.0.9-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.3.1 is installed OR samba-4.2.4-28.3.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.12.5-1 is installed OR libwebkit2gtk-4_0-37-2.12.5-1 is installed OR typelib-1_0-JavaScriptCore-4_0-2.12.5-1 is installed OR typelib-1_0-WebKit2-4_0-2.12.5-1 is installed OR webkit2gtk-4_0-injected-bundles-2.12.5-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND ant-1.9.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libecpg6-10.15-4.28 is installed OR libpq5-10.15-4.28 is installed OR libpq5-32bit-10.15-4.28 is installed OR postgresql10-10.15-4.28 is installed OR postgresql10-contrib-10.15-4.28 is installed OR postgresql10-devel-10.15-4.28 is installed OR postgresql10-docs-10.15-4.28 is installed OR postgresql10-plperl-10.15-4.28 is installed OR postgresql10-plpython-10.15-4.28 is installed OR postgresql10-pltcl-10.15-4.28 is installed OR postgresql10-server-10.15-4.28 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND binutils-2.26.1-9.12 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information kgraft-patch-3_12_61-52_72-default-3-2 is installed OR kgraft-patch-3_12_61-52_72-xen-3-2 is installed OR kgraft-patch-SLE12_Update_21-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-94 is installed OR libopenssl0_9_8-0.9.8j-94 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND MozillaFirefox-devel-31.7.0esr-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information freerdp-devel-1.0.2-7 is installed OR libfreerdp-1_0-1.0.2-7 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND java-1_8_0-ibm-devel-1.8.0_sr4.5-29 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-30.2 is installed OR libMagick++-6_Q16-3-6.8.8.1-30.2 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2 is installed
BACK