Oval Definition:oval:org.opensuse.security:def:55207
Revision Date:2021-01-22Version:1
Title:Security update for ImageMagick (Important)
Description:

This update for ImageMagick fixes the following issues:

- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed an division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362).
Family:unixClass:patch
Status:Reference(s):1021578
1034674
1034678
1042829
1067203
1068032
1072193
1077375
1077999
1080249
1083213
1083993
1085295
1085297
1085583
1085584
1085585
1085589
1087932
1088662
1089124
1092548
1100365
1111634
1111635
1132160
1133204
1133205
1133498
1133501
1134075
1135232
1135236
1136183
1136732
1138425
1138464
1179103
1179202
1179208
1179212
1179223
1179240
1179244
1179260
1179268
1179269
1179278
1179281
1179285
1179311
1179312
1179313
1179315
1179317
1179321
1179322
1179327
1179333
1179336
1179338
1179339
1179343
1179345
1179346
1179347
1179361
1179362
1179397
812525
856832
859158
899303
905245
905246
905247
905248
929629
990636
CVE-2009-0946
CVE-2010-0405
CVE-2010-2252
CVE-2010-2497
CVE-2010-2805
CVE-2010-3053
CVE-2010-3054
CVE-2010-3311
CVE-2010-3814
CVE-2010-3855
CVE-2011-0226
CVE-2011-2721
CVE-2011-3256
CVE-2011-3439
CVE-2011-3627
CVE-2012-1126
CVE-2012-1127
CVE-2012-1128
CVE-2012-1129
CVE-2012-1130
CVE-2012-1131
CVE-2012-1132
CVE-2012-1133
CVE-2012-1134
CVE-2012-1135
CVE-2012-1136
CVE-2012-1137
CVE-2012-1138
CVE-2012-1139
CVE-2012-1140
CVE-2012-1141
CVE-2012-1142
CVE-2012-1143
CVE-2012-1144
CVE-2012-1457
CVE-2012-1458
CVE-2012-1459
CVE-2012-4929
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
CVE-2013-4549
CVE-2013-6497
CVE-2014-2240
CVE-2014-2241
CVE-2014-3566
CVE-2014-4877
CVE-2014-4975
CVE-2014-8080
CVE-2014-8090
CVE-2014-8146
CVE-2014-8147
CVE-2014-8710
CVE-2014-8711
CVE-2014-8712
CVE-2014-8713
CVE-2014-8714
CVE-2014-9050
CVE-2014-9328
CVE-2014-9656
CVE-2014-9657
CVE-2014-9658
CVE-2014-9659
CVE-2014-9660
CVE-2014-9661
CVE-2014-9662
CVE-2014-9663
CVE-2014-9664
CVE-2014-9665
CVE-2014-9666
CVE-2014-9667
CVE-2014-9668
CVE-2014-9669
CVE-2014-9670
CVE-2014-9671
CVE-2014-9672
CVE-2014-9673
CVE-2014-9674
CVE-2014-9675
CVE-2015-1461
CVE-2015-1462
CVE-2015-1463
CVE-2015-1855
CVE-2015-2170
CVE-2015-2221
CVE-2015-2222
CVE-2015-2305
CVE-2015-2668
CVE-2015-3900
CVE-2015-7551
CVE-2016-10244
CVE-2016-2339
CVE-2016-6293
CVE-2017-12805
CVE-2017-12806
CVE-2017-14952
CVE-2017-15422
CVE-2017-17484
CVE-2017-18233
CVE-2017-18234
CVE-2017-18236
CVE-2017-18238
CVE-2017-5715
CVE-2017-7867
CVE-2017-7868
CVE-2017-8105
CVE-2017-8287
CVE-2017-9432
CVE-2017-9433
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-1055
CVE-2018-14348
CVE-2018-5150
CVE-2018-5154
CVE-2018-5155
CVE-2018-5157
CVE-2018-5158
CVE-2018-5159
CVE-2018-5168
CVE-2018-5174
CVE-2018-5178
CVE-2018-5183
CVE-2018-6871
CVE-2018-7728
CVE-2018-7730
CVE-2019-10131
CVE-2019-11068
CVE-2019-11470
CVE-2019-11472
CVE-2019-11505
CVE-2019-11506
CVE-2019-11597
CVE-2019-11598
CVE-2020-19667
CVE-2020-25664
CVE-2020-25665
CVE-2020-25666
CVE-2020-25674
CVE-2020-25675
CVE-2020-25676
CVE-2020-27750
CVE-2020-27751
CVE-2020-27752
CVE-2020-27753
CVE-2020-27754
CVE-2020-27755
CVE-2020-27757
CVE-2020-27759
CVE-2020-27760
CVE-2020-27761
CVE-2020-27762
CVE-2020-27763
CVE-2020-27764
CVE-2020-27765
CVE-2020-27766
CVE-2020-27767
CVE-2020-27768
CVE-2020-27769
CVE-2020-27770
CVE-2020-27771
CVE-2020-27772
CVE-2020-27773
CVE-2020-27774
CVE-2020-27775
CVE-2020-27776
SUSE-SU-2015:0426-1
SUSE-SU-2018:0056-1
SUSE-SU-2018:1076-1
SUSE-SU-2018:2143-1
SUSE-SU-2018:3389-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:1232-1
SUSE-SU-2019:1712-1
SUSE-SU-2021:0199-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libKF5Auth5-5.45.0-lp150.2 is installed
  • OR libKF5Auth5-lang-5.45.0-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.6 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.6 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.6 is installed
  • OR libu2f-host0-1.1.6-lp151.2.6 is installed
  • OR pam_u2f-1.0.8-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libecpg6-9.1.9-0.3 is installed
  • OR libpq5-9.1.9-0.3 is installed
  • OR libpq5-32bit-9.1.9-0.3 is installed
  • OR postgresql91-9.1.9-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libQtWebKit4-4.6.3-5.29 is installed
  • OR libQtWebKit4-32bit-4.6.3-5.29 is installed
  • OR libqt4-4.6.3-5.29 is installed
  • OR libqt4-32bit-4.6.3-5.29 is installed
  • OR libqt4-qt3support-4.6.3-5.29 is installed
  • OR libqt4-qt3support-32bit-4.6.3-5.29 is installed
  • OR libqt4-sql-4.6.3-5.29 is installed
  • OR libqt4-sql-32bit-4.6.3-5.29 is installed
  • OR libqt4-sql-mysql-4.6.3-5.29 is installed
  • OR libqt4-sql-mysql-32bit-4.6.3-5.29 is installed
  • OR libqt4-sql-postgresql-4.6.3-5.29 is installed
  • OR libqt4-sql-postgresql-32bit-4.6.3-5.29 is installed
  • OR libqt4-sql-sqlite-4.6.3-5.29 is installed
  • OR libqt4-sql-sqlite-32bit-4.6.3-5.29 is installed
  • OR libqt4-sql-unixODBC-4.6.3-5.29 is installed
  • OR libqt4-sql-unixODBC-32bit-4.6.3-5.29 is installed
  • OR libqt4-x11-4.6.3-5.29 is installed
  • OR libqt4-x11-32bit-4.6.3-5.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libcgroup-0.41.rc1-10.3 is installed
  • OR libcgroup1-0.41.rc1-10.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libfreetype6-2.6.3-7.15 is installed
  • OR libfreetype6-32bit-2.6.3-7.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND clamav-0.98.7-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • xen-4.5.5_14-22.25 is installed
  • OR xen-doc-html-4.5.5_14-22.25 is installed
  • OR xen-kmp-default-4.5.5_14_k3.12.74_60.64.54-22.25 is installed
  • OR xen-libs-4.5.5_14-22.25 is installed
  • OR xen-libs-32bit-4.5.5_14-22.25 is installed
  • OR xen-tools-4.5.5_14-22.25 is installed
  • OR xen-tools-domU-4.5.5_14-22.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ImageMagick-config-6-SUSE-6.8.8.1-71.154.1 is installed
  • OR ImageMagick-config-6-upstream-6.8.8.1-71.154.1 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.154.1 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.154.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • at-3.1.14-7 is installed
  • OR flex-2.5.37-8 is installed
  • OR flex-32bit-2.5.37-8 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-doc-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • python-PyYAML-5.1.2-26.12 is installed
  • OR python3-PyYAML-5.1.2-26.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libX11-1.6.2-12.5 is installed
  • OR libX11-6-1.6.2-12.5 is installed
  • OR libX11-6-32bit-1.6.2-12.5 is installed
  • OR libX11-data-1.6.2-12.5 is installed
  • OR libX11-xcb1-1.6.2-12.5 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.5 is installed
  • OR libxcb-1.10-4.3 is installed
  • OR libxcb-dri2-0-1.10-4.3 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.3 is installed
  • OR libxcb-dri3-0-1.10-4.3 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.3 is installed
  • OR libxcb-glx0-1.10-4.3 is installed
  • OR libxcb-glx0-32bit-1.10-4.3 is installed
  • OR libxcb-present0-1.10-4.3 is installed
  • OR libxcb-present0-32bit-1.10-4.3 is installed
  • OR libxcb-randr0-1.10-4.3 is installed
  • OR libxcb-render0-1.10-4.3 is installed
  • OR libxcb-render0-32bit-1.10-4.3 is installed
  • OR libxcb-shape0-1.10-4.3 is installed
  • OR libxcb-shm0-1.10-4.3 is installed
  • OR libxcb-shm0-32bit-1.10-4.3 is installed
  • OR libxcb-sync1-1.10-4.3 is installed
  • OR libxcb-sync1-32bit-1.10-4.3 is installed
  • OR libxcb-xf86dri0-1.10-4.3 is installed
  • OR libxcb-xfixes0-1.10-4.3 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.3 is installed
  • OR libxcb-xinerama0-1.10-4.3 is installed
  • OR libxcb-xkb1-1.10-4.3 is installed
  • OR libxcb-xkb1-32bit-1.10-4.3 is installed
  • OR libxcb-xv0-1.10-4.3 is installed
  • OR libxcb1-1.10-4.3 is installed
  • OR libxcb1-32bit-1.10-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-6 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • qemu-2.3.1-33.6 is installed
  • OR qemu-block-curl-2.3.1-33.6 is installed
  • OR qemu-block-rbd-2.3.1-33.6 is installed
  • OR qemu-guest-agent-2.3.1-33.6 is installed
  • OR qemu-ipxe-1.0.0-33.6 is installed
  • OR qemu-kvm-2.3.1-33.6 is installed
  • OR qemu-lang-2.3.1-33.6 is installed
  • OR qemu-seabios-1.8.1-33.6 is installed
  • OR qemu-sgabios-8-33.6 is installed
  • OR qemu-tools-2.3.1-33.6 is installed
  • OR qemu-vgabios-1.8.1-33.6 is installed
  • OR qemu-x86-2.3.1-33.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND python-pip-10.0.1-11.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • mariadb-10.2.31-3.25 is installed
  • OR mariadb-galera-10.2.31-3.25 is installed
    • BACK