Oval Definition:	oval:org.opensuse.security:def:56204
Revision Date: 2020-12-01 Version: 1 Title: Security update for ImageMagick (Moderate) Description: This update for ImageMagick fixes the following issues: Security issues fixed: CVE-2017-15033: A denial of service attack (memory leak) was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. (bsc#1049379) * CVE-2017-12433: A memory leak in ReadPESImage in coders/pes.c was fixed. (bsc#1052545) * CVE-2017-12428: A memory leak in ReadWMFImage in coders/wmf.c was fixed. (bsc#1052249) * CVE-2017-12431: A use-after-free in ReadWMFImage was fixed. (bsc#1052253) * CVE-2017-11534: A memory leak in the lite_font_map() in coders/wmf.c was fixed. (bsc#1050135) * CVE-2017-13133: A memory exhaustion in load_level function in coders/xcf.c was fixed. (bsc#1055219) * CVE-2017-13139: A out-of-bounds read in the ReadOneMNGImage was fixed. (bsc#1055430) This update also reverts an incorrect fix for CVE-2016-7530 [bsc#1054924]. Family: unix Class: patch Status: Reference(s): 1014136 1014172 1015348 1022555 1026236 1027519 1028235 1029128 1029827 1030050 1030144 1030442 1045327 1049379 1050135 1052249 1052253 1052545 1054924 1055219 1055430 1057950 1061873 1112039 1131493 930189 937787 955762 957174 958789 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2009-0758 CVE-2010-2244 CVE-2010-4494 CVE-2011-0460 CVE-2011-1002 CVE-2011-1944 CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 CVE-2012-5134 CVE-2012-6698 CVE-2012-6699 CVE-2012-6700 CVE-2013-0338 CVE-2013-1969 CVE-2013-2069 CVE-2013-7440 CVE-2014-0040 CVE-2014-0041 CVE-2014-0042 CVE-2014-0191 CVE-2014-3660 CVE-2014-7300 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2015-2590 CVE-2015-2597 CVE-2015-2601 CVE-2015-2613 CVE-2015-2619 CVE-2015-2621 CVE-2015-2625 CVE-2015-2627 CVE-2015-2628 CVE-2015-2632 CVE-2015-2637 CVE-2015-2638 CVE-2015-2659 CVE-2015-2664 CVE-2015-2808 CVE-2015-4000 CVE-2015-4729 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4736 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4792 CVE-2015-4802 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4807 CVE-2015-4810 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4835 CVE-2015-4836 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4858 CVE-2015-4860 CVE-2015-4861 CVE-2015-4868 CVE-2015-4870 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4901 CVE-2015-4902 CVE-2015-4903 CVE-2015-4906 CVE-2015-4908 CVE-2015-4911 CVE-2015-4913 CVE-2015-4916 CVE-2015-5969 CVE-2015-7575 CVE-2015-8126 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-0636 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-3425 CVE-2016-3426 CVE-2016-3427 CVE-2016-3458 CVE-2016-3485 CVE-2016-3498 CVE-2016-3500 CVE-2016-3503 CVE-2016-3508 CVE-2016-3511 CVE-2016-3550 CVE-2016-3552 CVE-2016-3587 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610 CVE-2016-7530 CVE-2016-9042 CVE-2017-1000251 CVE-2017-11446 CVE-2017-11534 CVE-2017-12428 CVE-2017-12431 CVE-2017-12433 CVE-2017-13133 CVE-2017-13139 CVE-2017-15033 CVE-2017-15274 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-6505 CVE-2017-7228 CVE-2018-18386 CVE-2019-5953 SUSE-SU-2015:1651-1 SUSE-SU-2015:2174-1 SUSE-SU-2016:0296-1 SUSE-SU-2017:0983-1 SUSE-SU-2017:1048-1 SUSE-SU-2017:2786-1 SUSE-SU-2017:2949-1 SUSE-SU-2019:0956-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND argyllcms-1.9.2-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libecpg6-10.9-lp151.2.3 is installed OR libecpg6-32bit-10.9-lp151.2.3 is installed OR libpq5-10.9-lp151.2.3 is installed OR libpq5-32bit-10.9-lp151.2.3 is installed OR postgresql10-10.9-lp151.2.3 is installed OR postgresql10-contrib-10.9-lp151.2.3 is installed OR postgresql10-devel-10.9-lp151.2.3 is installed OR postgresql10-docs-10.9-lp151.2.3 is installed OR postgresql10-plperl-10.9-lp151.2.3 is installed OR postgresql10-plpython-10.9-lp151.2.3 is installed OR postgresql10-pltcl-10.9-lp151.2.3 is installed OR postgresql10-server-10.9-lp151.2.3 is installed OR postgresql10-test-10.9-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND dhcpcd-3.2.3-45.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.12 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.12 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.12 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.12 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR avahi-utils-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-9-4 is installed OR kgraft-patch-3_12_67-60_64_24-xen-9-4 is installed OR kgraft-patch-SLE12-SP1_Update_11-9-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gnome-settings-daemon-3.20.1-40 is installed OR gnome-settings-daemon-lang-3.20.1-40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.27 is installed OR apache2-doc-2.4.23-29.27 is installed OR apache2-example-pages-2.4.23-29.27 is installed OR apache2-prefork-2.4.23-29.27 is installed OR apache2-utils-2.4.23-29.27 is installed OR apache2-worker-2.4.23-29.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libnetpbm11-10.66.3-7 is installed OR libnetpbm11-32bit-10.66.3-7 is installed OR netpbm-10.66.3-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mailman-2.1.17-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libtasn1-4.9-3.5 is installed OR libtasn1-6-4.9-3.5 is installed OR libtasn1-6-32bit-4.9-3.5 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND openstack-heat-templates-0.0.0+git.1452795102.e53f5d3-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information pam_radius-1.3.16-239.4 is installed OR pam_radius-32bit-1.3.16-239.4 is installed
BACK