OVAL Reference oval:org.opensuse.security:def:54742

Oval Definition:

oval:org.opensuse.security:def:54742

Revision Date:	2021-01-22	Version:	1
Title:	Security update for ImageMagick (Important)
Description:	This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed an division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362).
Family:	unix	Class:	patch
Status:		Reference(s):	1005778 1005780 1005781 1009062 1009085 1009966 1011348 1012382 1014437 1014441 1014442 1015336 1015337 1015340 1015342 1015343 1022062 1022604 1022743 1024296 1028744 1031247 1031249 1031250 1031254 1031255 1031262 1031263 1031492 1032144 1036215 1039513 1043598 1044016 1044596 1049379 1050135 1050947 1052249 1052253 1052545 1054924 1055219 1055430 1056415 1056427 1060799 1061873 1063269 1068032 1075087 1075091 1075994 1076263 1080157 1082153 1082299 1082485 1082962 1083125 1083635 1083650 1083900 1084721 1085058 1085185 1085511 1085958 1087082 1088242 1088865 1089023 1089115 1089198 1089393 1089608 1089644 1089752 1089895 1089925 1090225 1090643 1090658 1090663 1090708 1090718 1090734 1090953 1091041 1091325 1091728 1091925 1091960 1092289 1092497 1092566 1092904 1093008 1093144 1093215 1094019 1131945 1144621 1179103 1179202 1179208 1179212 1179223 1179240 1179244 1179260 1179268 1179269 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321 1179322 1179327 1179333 1179336 1179338 1179339 1179343 1179345 1179346 1179347 1179361 1179362 1179397 802154 847708 910252 910253 913650 913651 917152 946744 951391 952188 952196 960674 966170 966172 966186 966191 969476 969477 981348 988274 996511 CVE-2013-1739 CVE-2014-5044 CVE-2014-8116 CVE-2014-8117 CVE-2014-9620 CVE-2014-9621 CVE-2014-9653 CVE-2015-0286 CVE-2015-0288 CVE-2015-1335 CVE-2015-1789 CVE-2015-1793 CVE-2015-2695 CVE-2015-4730 CVE-2015-4766 CVE-2015-4792 CVE-2015-4800 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4833 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4862 CVE-2015-4864 CVE-2015-4866 CVE-2015-4870 CVE-2015-4879 CVE-2015-4890 CVE-2015-4895 CVE-2015-4904 CVE-2015-4905 CVE-2015-4910 CVE-2015-4913 CVE-2015-5276 CVE-2015-8710 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 CVE-2016-5759 CVE-2016-7530 CVE-2017-11446 CVE-2017-11534 CVE-2017-11671 CVE-2017-12428 CVE-2017-12431 CVE-2017-12433 CVE-2017-13133 CVE-2017-13139 CVE-2017-15033 CVE-2017-5950 CVE-2018-1000199 CVE-2018-10087 CVE-2018-10124 CVE-2018-1065 CVE-2018-1130 CVE-2018-3639 CVE-2018-5803 CVE-2018-7492 CVE-2018-8781 CVE-2019-10216 CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899 CVE-2019-10901 CVE-2019-10903 CVE-2020-19667 CVE-2020-25664 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-27750 CVE-2020-27751 CVE-2020-27752 CVE-2020-27753 CVE-2020-27754 CVE-2020-27755 CVE-2020-27757 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 SUSE-SU-2015:1829-1 SUSE-SU-2015:1898-1 SUSE-SU-2015:2303-1 SUSE-SU-2016:0187-1 SUSE-SU-2016:3271-1 SUSE-SU-2017:1044-1 SUSE-SU-2017:2526-1 SUSE-SU-2017:2949-1 SUSE-SU-2017:3048-1 SUSE-SU-2018:0631-1 SUSE-SU-2018:1366-1 SUSE-SU-2019:1038-1 SUSE-SU-2019:2347-1 SUSE-SU-2021:0199-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information cracklib-2.9.6-lp150.2 is installed OR libcrack2-2.9.6-lp150.2 is installed OR libcrack2-32bit-2.9.6-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bind-9.11.2-lp151.11.3 is installed OR bind-chrootenv-9.11.2-lp151.11.3 is installed OR bind-devel-9.11.2-lp151.11.3 is installed OR bind-devel-32bit-9.11.2-lp151.11.3 is installed OR bind-doc-9.11.2-lp151.11.3 is installed OR bind-lwresd-9.11.2-lp151.11.3 is installed OR bind-utils-9.11.2-lp151.11.3 is installed OR libbind9-160-9.11.2-lp151.11.3 is installed OR libbind9-160-32bit-9.11.2-lp151.11.3 is installed OR libdns169-9.11.2-lp151.11.3 is installed OR libdns169-32bit-9.11.2-lp151.11.3 is installed OR libirs-devel-9.11.2-lp151.11.3 is installed OR libirs160-9.11.2-lp151.11.3 is installed OR libirs160-32bit-9.11.2-lp151.11.3 is installed OR libisc166-9.11.2-lp151.11.3 is installed OR libisc166-32bit-9.11.2-lp151.11.3 is installed OR libisccc160-9.11.2-lp151.11.3 is installed OR libisccc160-32bit-9.11.2-lp151.11.3 is installed OR libisccfg160-9.11.2-lp151.11.3 is installed OR libisccfg160-32bit-9.11.2-lp151.11.3 is installed OR liblwres160-9.11.2-lp151.11.3 is installed OR liblwres160-32bit-9.11.2-lp151.11.3 is installed OR python3-bind-9.11.2-lp151.11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.10esr-0.4.2 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.10esr-0.4.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libmysql55client18-5.5.46-0.14 is installed OR libmysql55client18-32bit-5.5.46-0.14 is installed OR libmysql55client_r18-5.5.46-0.14 is installed OR libmysql55client_r18-32bit-5.5.46-0.14 is installed OR mysql-5.5.46-0.14 is installed OR mysql-client-5.5.46-0.14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information krb5-1.6.3-133.49.97 is installed OR krb5-32bit-1.6.3-133.49.97 is installed OR krb5-client-1.6.3-133.49.97 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libdcerpc-binding0-4.4.2-31 is installed OR libdcerpc-binding0-32bit-4.4.2-31 is installed OR libdcerpc0-4.4.2-31 is installed OR libdcerpc0-32bit-4.4.2-31 is installed OR libndr-krb5pac0-4.4.2-31 is installed OR libndr-krb5pac0-32bit-4.4.2-31 is installed OR libndr-nbt0-4.4.2-31 is installed OR libndr-nbt0-32bit-4.4.2-31 is installed OR libndr-standard0-4.4.2-31 is installed OR libndr-standard0-32bit-4.4.2-31 is installed OR libndr0-4.4.2-31 is installed OR libndr0-32bit-4.4.2-31 is installed OR libnetapi0-4.4.2-31 is installed OR libnetapi0-32bit-4.4.2-31 is installed OR libsamba-credentials0-4.4.2-31 is installed OR libsamba-credentials0-32bit-4.4.2-31 is installed OR libsamba-errors0-4.4.2-31 is installed OR libsamba-errors0-32bit-4.4.2-31 is installed OR libsamba-hostconfig0-4.4.2-31 is installed OR libsamba-hostconfig0-32bit-4.4.2-31 is installed OR libsamba-passdb0-4.4.2-31 is installed OR libsamba-passdb0-32bit-4.4.2-31 is installed OR libsamba-util0-4.4.2-31 is installed OR libsamba-util0-32bit-4.4.2-31 is installed OR libsamdb0-4.4.2-31 is installed OR libsamdb0-32bit-4.4.2-31 is installed OR libsmbclient0-4.4.2-31 is installed OR libsmbclient0-32bit-4.4.2-31 is installed OR libsmbconf0-4.4.2-31 is installed OR libsmbconf0-32bit-4.4.2-31 is installed OR libsmbldap0-4.4.2-31 is installed OR libsmbldap0-32bit-4.4.2-31 is installed OR libtevent-util0-4.4.2-31 is installed OR libtevent-util0-32bit-4.4.2-31 is installed OR libwbclient0-4.4.2-31 is installed OR libwbclient0-32bit-4.4.2-31 is installed OR samba-4.4.2-31 is installed OR samba-client-4.4.2-31 is installed OR samba-client-32bit-4.4.2-31 is installed OR samba-doc-4.4.2-31 is installed OR samba-libs-4.4.2-31 is installed OR samba-libs-32bit-4.4.2-31 is installed OR samba-winbind-4.4.2-31 is installed OR samba-winbind-32bit-4.4.2-31 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-gij-4.8.5-30 is installed OR gcc48-gij-32bit-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libgcj48-4.8.5-30 is installed OR libgcj48-32bit-4.8.5-30 is installed OR libgcj48-jar-4.8.5-30 is installed OR libgcj_bc1-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libwireshark9-2.4.14-48.45 is installed OR libwiretap7-2.4.14-48.45 is installed OR libwscodecs1-2.4.14-48.45 is installed OR libwsutil8-2.4.14-48.45 is installed OR wireshark-2.4.14-48.45 is installed OR wireshark-gtk-2.4.14-48.45 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND libarchive13-3.1.2-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_29-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_29-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_12-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND autofs-5.0.9-21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information ImageMagick-config-6-SUSE-6.8.8.1-71.154.1 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.154.1 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.154.1 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.154.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR apache2-mod_nss-1.0.14-19.6 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libfreebl3-hmac-3.36.4-58.15 is installed OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR libsoftokn3-hmac-3.36.4-58.15 is installed OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND permissions-2015.09.28.1626-17.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information python-cffi-1.11.2-5.11 is installed OR python-cryptography-2.1.4-7.28 is installed OR python-xattr-0.7.5-6.3 is installed OR python3-cffi-1.11.2-5.11 is installed OR python3-cryptography-2.1.4-7.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.2-2.44 is installed OR libwebkit2gtk-4_0-37-2.24.2-2.44 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.2-2.44 is installed OR typelib-1_0-WebKit2-4_0-2.24.2-2.44 is installed OR webkit2gtk-4_0-injected-bundles-2.24.2-2.44 is installed OR webkit2gtk3-2.24.2-2.44 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_nss-1.0.14-19.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.10-30.16 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.10-30.16 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.10-30.16 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.10-30.16 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.45-38.37 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND binutils-2.32-9.33 is installed

BACK