Oval Definition:	oval:org.opensuse.security:def:56419
Revision Date: 2020-12-01 Version: 1 Title: Security update for ImageMagick (Moderate) Description: This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in coders/pattern.c (bsc#1074973) - CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in MagickWand/montage.c (bsc#1074975) - CVE-2018-5247: Fixed memory leak vulnerability in ReadRLAImage in coders/rla.c (bsc#1074969) - CVE-2017-12672: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (bsc#1052720) - CVE-2017-13060: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted file (bsc#1055065) - CVE-2017-11724: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c involving the quantum_info and clone_info data structures (bsc#1051446) - CVE-2017-12670: Added validation in coders/mat.c to prevent an assertion failure in the function DestroyImage in MagickCore/image.c, which allowed attackers to cause a denial of service (bsc#1052731) - CVE-2017-12667: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1052732) - CVE-2017-13146: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1055323) - CVE-2017-10800: Processing MATLAB images in coders/mat.c could have lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object was larger than the actual amount of data (bsc#1047044) - CVE-2017-13648: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1055434) - CVE-2017-11141: Fixed a memory leak vulnerability in the function ReadMATImage in coders\mat.c that could have caused memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call (bsc#1047898) - CVE-2017-11529: The ReadMATImage function in coders/mat.c allowed remote attackers to cause a denial of service (memory leak) via a crafted file (bsc#1050120) - CVE-2017-12564: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (bsc#1052468) - CVE-2017-12434: Added a missing NULL check in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c (bsc#1052550) - CVE-2017-12675: Added a missing check for multidimensional data coders/mat.c, that could have lead to a memory leak in the function ReadImage in MagickCore/constitute.c, which allowed attackers to cause a denial of service (bsc#1052710) - CVE-2017-14326: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted file (bsc#1058640) - CVE-2017-11644: Processesing a crafted file in convert could have lead to a memory leak in the ReadMATImage() function in coders/mat.c (bsc#1050606) - CVE-2017-13658: Added a missing NULL check in the ReadMATImage function in coders/mat.c, which could have lead to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c (bsc#1055855) - CVE-2017-14533: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1059751) - CVE-2017-17881: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted MAT image file (bsc#1074123) Family: unix Class: patch Status: Reference(s): 1027519 1047044 1047898 1050120 1050606 1051446 1052468 1052550 1052710 1052720 1052731 1052732 1053153 1055047 1055065 1055323 1055434 1055855 1058640 1059751 1061075 1063123 1068032 1068187 1068191 1069708 1071471 1074123 1074969 1074973 1074975 1076017 1083488 1085114 1085447 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 991389 991390 991391 991746 997420 CVE-2011-1145 CVE-2011-2483 CVE-2011-3177 CVE-2013-0157 CVE-2013-2132 CVE-2013-6435 CVE-2014-8118 CVE-2014-9114 CVE-2014-9654 CVE-2015-1545 CVE-2015-1546 CVE-2015-5218 CVE-2016-1601 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-7141 CVE-2017-10661 CVE-2017-10800 CVE-2017-11141 CVE-2017-11529 CVE-2017-11644 CVE-2017-11724 CVE-2017-12434 CVE-2017-12564 CVE-2017-12667 CVE-2017-12670 CVE-2017-12672 CVE-2017-12675 CVE-2017-13060 CVE-2017-13146 CVE-2017-13166 CVE-2017-13648 CVE-2017-13658 CVE-2017-14326 CVE-2017-14533 CVE-2017-15289 CVE-2017-15597 CVE-2017-15868 CVE-2017-16939 CVE-2017-17881 CVE-2017-18022 CVE-2017-5715 CVE-2018-1000004 CVE-2018-1068 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-5246 CVE-2018-5247 CVE-2018-6307 CVE-2018-7566 SUSE-SU-2016:2330-1 SUSE-SU-2017:3115-1 SUSE-SU-2017:3323-1 SUSE-SU-2018:0041-1 SUSE-SU-2018:0130-1 SUSE-SU-2018:0267-1 SUSE-SU-2018:0992-1 SUSE-SU-2019:0060-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libFLAC++6-1.3.2-lp150.1 is installed OR libFLAC8-1.3.2-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information nodejs10-10.16.3-lp151.2.6 is installed OR nodejs10-devel-10.16.3-lp151.2.6 is installed OR nodejs10-docs-10.16.3-lp151.2.6 is installed OR npm10-10.16.3-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.26 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.26 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.26 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.26 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information xen-4.9.1_02-3.21 is installed OR xen-libs-4.9.1_02-3.21 is installed OR xen-libs-32bit-4.9.1_02-3.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libblkid1-2.25-30 is installed OR libblkid1-32bit-2.25-30 is installed OR libmount1-2.25-30 is installed OR libmount1-32bit-2.25-30 is installed OR libsmartcols1-2.25-30 is installed OR libuuid1-2.25-30 is installed OR libuuid1-32bit-2.25-30 is installed OR python-libmount-2.25-30 is installed OR util-linux-2.25-30 is installed OR util-linux-lang-2.25-30 is installed OR util-linux-systemd-2.25-30 is installed OR uuidd-2.25-30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-11-2 is installed OR kgraft-patch-3_12_67-60_64_24-xen-11-2 is installed OR kgraft-patch-SLE12-SP1_Update_11-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libicu-doc-52.1-7 is installed OR libicu52_1-52.1-7 is installed OR libicu52_1-32bit-52.1-7 is installed OR libicu52_1-data-52.1-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_20-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_8-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information LibVNCServer-0.9.9-17.11 is installed OR libvncclient0-0.9.9-17.11 is installed OR libvncserver0-0.9.9-17.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND python-pymongo-3.0.3-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-magnum-3.1.2~a0~dev20-9 is installed OR openstack-magnum-api-3.1.2~a0~dev20-9 is installed OR openstack-magnum-conductor-3.1.2~a0~dev20-9 is installed OR openstack-magnum-doc-3.1.2~a0~dev20-9 is installed OR python-magnum-3.1.2~a0~dev20-9 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND squid-3.5.21-26.23 is installed
BACK