Oval Definition:	oval:org.opensuse.security:def:56402
Revision Date: 2020-12-01 Version: 1 Title: Security update for ImageMagick (Moderate) Description: This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2018-8804: The WriteEPTImage function allowed remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file (bsc#1086011). - CVE-2017-11524: The WriteBlob function allowed remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file (bsc#1050087). - CVE-2017-18209: Prevent NULL pointer dereference in the GetOpenCLCachedFilesDirectory function caused by a memory allocation result that was not checked, related to GetOpenCLCacheDirectory (bsc#1083628). - CVE-2017-18211: Prevent NULL pointer dereference in the function saveBinaryCLProgram caused by a program-lookup result not being checked, related to CacheOpenCLKernel (bsc#1083634). - CVE-2017-9500: Prevent assertion failure in the function ResetImageProfileIterator, which allowed attackers to cause a denial of service via a crafted file (bsc#1043290). - CVE-2017-14739: The AcquireResampleFilterThreadSet function mishandled failed memory allocation, which allowed remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors (bsc#1060382). - CVE-2017-16353: Prevent memory information disclosure in the DescribeImage function caused by a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments were never checked (bsc#1066170). - CVE-2017-16352: Prevent a heap-based buffer overflow in the 'Display visual image directory' feature of the DescribeImage() function. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag (bsc#1066168). - CVE-2017-14314: Prevent off-by-one error in the DrawImage function that allowed remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file (bsc#1058630). - CVE-2017-13768: Prevent NULL pointer dereference in the IdentifyImage function that allowed an attacker to perform denial of service by sending a crafted image file (bsc#1056434). - CVE-2017-14505: Fixed handling of NULL arrays, which allowed attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input (bsc#1059735). - CVE-2018-7470: The IsWEBPImageLossless function allowed attackers to cause a denial of service (segmentation violation) via a crafted file (bsc#1082837). - CVE-2018-7443: The ReadTIFFImage function did not properly validate the amount of image data in a file, which allowed remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c) (bsc#1082792). - CVE-2017-15016: Prevent NULL pointer dereference vulnerability in ReadEnhMetaFile allowing for denial of service (bsc#1082291). - CVE-2017-15017: Prevent NULL pointer dereference vulnerability in ReadOneMNGImage allowing for denial of service (bsc#1082283). - CVE-2017-12692: The ReadVIFFImage function allowed remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file (bsc#1082362). - CVE-2017-12693: The ReadBMPImage function allowed remote attackers to cause a denial of service (memory consumption) via a crafted BMP file (bsc#1082348). Family: unix Class: patch Status: Reference(s): 1012568 1019251 1021669 1043290 1047873 1050087 1056434 1057247 1058630 1059735 1060382 1063671 1064392 1065641 1066168 1066170 1066471 1066472 1079798 1079799 1079800 1079801 1082283 1082291 1082348 1082362 1082792 1082837 1083628 1083634 1086011 1096564 1097108 1099306 1119947 912607 980364 980377 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-2074 CVE-2010-3069 CVE-2011-0719 CVE-2011-2522 CVE-2011-2694 CVE-2012-0817 CVE-2012-0870 CVE-2012-1152 CVE-2012-1182 CVE-2012-2111 CVE-2012-4929 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1863 CVE-2013-1982 CVE-2013-4124 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6393 CVE-2013-6442 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-2525 CVE-2014-3493 CVE-2014-3560 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-5356 CVE-2014-8143 CVE-2014-9130 CVE-2014-9684 CVE-2015-0240 CVE-2015-1195 CVE-2015-1419 CVE-2015-3223 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7560 CVE-2015-8467 CVE-2015-8872 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2119 CVE-2016-4804 CVE-2016-9962 CVE-2017-11108 CVE-2017-11524 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-11600 CVE-2017-12692 CVE-2017-12693 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13080 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 CVE-2017-13768 CVE-2017-14314 CVE-2017-14505 CVE-2017-14739 CVE-2017-15016 CVE-2017-15017 CVE-2017-15649 CVE-2017-16227 CVE-2017-16352 CVE-2017-16353 CVE-2017-18209 CVE-2017-18211 CVE-2017-5495 CVE-2017-9500 CVE-2018-10853 CVE-2018-16884 CVE-2018-3646 CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381 CVE-2018-7443 CVE-2018-7470 CVE-2018-8804 SUSE-SU-2016:2145-1 SUSE-SU-2017:1964-1 SUSE-SU-2017:2854-1 SUSE-SU-2017:3153-1 SUSE-SU-2018:0455-1 SUSE-SU-2018:0857-1 SUSE-SU-2018:2367-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kbd-2.0.4-lp150.6 is installed OR kbd-legacy-2.0.4-lp150.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information apache2-2.4.33-lp151.8.6 is installed OR apache2-devel-2.4.33-lp151.8.6 is installed OR apache2-doc-2.4.33-lp151.8.6 is installed OR apache2-event-2.4.33-lp151.8.6 is installed OR apache2-example-pages-2.4.33-lp151.8.6 is installed OR apache2-prefork-2.4.33-lp151.8.6 is installed OR apache2-utils-2.4.33-lp151.8.6 is installed OR apache2-worker-2.4.33-lp151.8.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.47 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.47 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.47 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.47 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.47 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND tcpdump-4.9.2-14.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libXext6-1.3.2-3 is installed OR libXext6-32bit-1.3.2-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-6-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libdcerpc-atsvc0-4.2.4-26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_95-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_25-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-10-2 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND kernel-default-4.4.180-94.100 is installed OR kernel-default-base-4.4.180-94.100 is installed OR kernel-default-devel-4.4.180-94.100 is installed OR kernel-default-man-4.4.180-94.100 is installed OR kernel-devel-4.4.180-94.100 is installed OR kernel-macros-4.4.180-94.100 is installed OR kernel-source-4.4.180-94.100 is installed OR kernel-syms-4.4.180-94.100 is installed OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND kernel-default-4.4.180-94.100 is installed OR kernel-default-base-4.4.180-94.100 is installed OR kernel-default-devel-4.4.180-94.100 is installed OR kernel-default-man-4.4.180-94.100 is installed OR kernel-devel-4.4.180-94.100 is installed OR kernel-macros-4.4.180-94.100 is installed OR kernel-source-4.4.180-94.100 is installed OR kernel-syms-4.4.180-94.100 is installed OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND binutils-2.26.1-9.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND ucode-intel-20191112-13.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-glance-11.0.2~a0~dev2-1 is installed OR python-glance-11.0.2~a0~dev2-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.45-38.37 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-paramiko-2.2.4-4.3 is installed
BACK