OVAL Reference oval:org.opensuse.security:def:56592

Oval Definition:

oval:org.opensuse.security:def:56592

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ImageMagick (Moderate)
Description:	This update for ImageMagick fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858) - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855) - CVE-2018-14434: Fixed a memory leak for a colormap in WriteMPCImage (bsc#1102003) - CVE-2018-14435: Fixed a memory leak in DecodeImage in coders/pcd.c (bsc#1102007) - CVE-2018-14436: Fixed a memory leak in ReadMIFFImage in coders/miff.c (bsc#1102005) - CVE-2018-14437: Fixed a memory leak in parse8BIM in coders/meta.c (bsc#1102004) - Disable PS, PS2, PS3, XPS and PDF coders in default policy.xml (bsc#1105592)
Family:	unix	Class:	patch
Status:		Reference(s):	1002639 1004728 1007853 1007854 1007855 1007857 1007858 1010893 1011805 1011812 1019021 1027519 1038785 1039348 1039496 1042419 1045340 1045406 1056094 1058565 1058622 1058624 1069708 1071471 1076390 1077993 1078806 1078813 1082810 1102003 1102004 1102005 1102007 1105528 1105592 1106855 1106858 1108940 1114423 1115040 1115045 1115047 1116380 1117632 1117756 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 1127223 1127308 1128481 1128574 1136570 929900 955131 974407 991444 991445 991872 CVE-2009-0159 CVE-2009-0316 CVE-2009-1252 CVE-2009-5155 CVE-2013-5211 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2014-9297 CVE-2014-9298 CVE-2015-1798 CVE-2015-1799 CVE-2015-3405 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 CVE-2016-0762 CVE-2016-5010 CVE-2016-5018 CVE-2016-5131 CVE-2016-6491 CVE-2016-6520 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-9587 CVE-2017-1000364 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-15412 CVE-2017-15868 CVE-2017-16939 CVE-2017-5130 CVE-2017-7466 CVE-2017-7481 CVE-2018-14434 CVE-2018-14435 CVE-2018-14436 CVE-2018-14437 CVE-2018-15126 CVE-2018-15127 CVE-2018-16323 CVE-2018-16329 CVE-2018-16476 CVE-2018-18849 CVE-2018-19665 CVE-2018-19961 CVE-2018-19962 CVE-2018-19965 CVE-2018-19966 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2638 CVE-2018-2639 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-6307 CVE-2019-3860 CVE-2019-9169 SUSE-SU-2016:2076-1 SUSE-SU-2016:3079-1 SUSE-SU-2017:1915-1 SUSE-SU-2017:2726-1 SUSE-SU-2017:3029-1 SUSE-SU-2018:0276-1 SUSE-SU-2018:0401-1 SUSE-SU-2018:0665-1 SUSE-SU-2018:2778-1 SUSE-SU-2019:0020-1 SUSE-SU-2019:0060-1 SUSE-SU-2019:0152-1 SUSE-SU-2019:1606-1 SUSE-SU-2019:1958-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information colord-1.4.2-lp150.1 is installed OR colord-color-profiles-1.4.2-lp150.1 is installed OR colord-gtk-lang-0.1.26-lp150.1 is installed OR colord-lang-1.4.2-lp150.1 is installed OR libcolord-gtk1-0.1.26-lp150.1 is installed OR libcolord2-1.4.2-lp150.1 is installed OR libcolorhug2-1.4.2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libxslt-1.1.32-lp151.3.3 is installed OR libxslt-devel-1.1.32-lp151.3.3 is installed OR libxslt-devel-32bit-1.1.32-lp151.3.3 is installed OR libxslt-python-1.1.32-lp151.3.3 is installed OR libxslt-tools-1.1.32-lp151.3.3 is installed OR libxslt1-1.1.32-lp151.3.3 is installed OR libxslt1-32bit-1.1.32-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-71.74 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.74 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.74 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.74 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.74 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR libMagickCore-6_Q16-1-6.8.8.1-33 is installed OR libMagickWand-6_Q16-1-6.8.8.1-33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gvim-7.4.326-2 is installed OR vim-7.4.326-2 is installed OR vim-data-7.4.326-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information augeas-1.2.0-15 is installed OR augeas-lenses-1.2.0-15 is installed OR libaugeas0-1.2.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ntp-4.2.8p4-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information ansible-2.2.3.0-5 is installed OR monasca-installer-20170912_10.45-5 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-core-5.0+git.1558533551.8d8ed2058-3.23 is installed OR crowbar-core-branding-SOC-5.0-10.6 is installed OR crowbar-core-branding-upstream-5.0+git.1558533551.8d8ed2058-3.23 is installed OR crowbar-ha-5.0+git.1559282566.6b06ca3-3.17 is installed OR crowbar-openstack-5.0+git.1559335140.62bb4c014-4.25 is installed OR documentation-suse-openstack-cloud-deployment-8.20190521-1.17 is installed OR documentation-suse-openstack-cloud-supplement-8.20190521-1.17 is installed OR documentation-suse-openstack-cloud-upstream-admin-8.20190521-1.17 is installed OR documentation-suse-openstack-cloud-upstream-user-8.20190521-1.17 is installed OR openstack-aodh-5.1.1~dev7-3.11 is installed OR openstack-aodh-api-5.1.1~dev7-3.11 is installed OR openstack-aodh-doc-5.1.1~dev7-3.11 is installed OR openstack-aodh-evaluator-5.1.1~dev7-3.11 is installed OR openstack-aodh-expirer-5.1.1~dev7-3.11 is installed OR openstack-aodh-listener-5.1.1~dev7-3.11 is installed OR openstack-aodh-notifier-5.1.1~dev7-3.11 is installed OR openstack-barbican-5.0.2~dev3-3.14 is installed OR openstack-barbican-api-5.0.2~dev3-3.14 is installed OR openstack-barbican-doc-5.0.2~dev3-3.14 is installed OR openstack-barbican-keystone-listener-5.0.2~dev3-3.14 is installed OR openstack-barbican-retry-5.0.2~dev3-3.14 is installed OR openstack-barbican-worker-5.0.2~dev3-3.14 is installed OR openstack-ceilometer-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-central-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-compute-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-ipmi-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-agent-notification-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-api-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-collector-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-doc-9.0.8~dev7-3.12 is installed OR openstack-ceilometer-polling-9.0.8~dev7-3.12 is installed OR openstack-cinder-11.2.3~dev5-3.15 is installed OR openstack-cinder-api-11.2.3~dev5-3.15 is installed OR openstack-cinder-backup-11.2.3~dev5-3.15 is installed OR openstack-cinder-doc-11.2.3~dev5-3.15 is installed OR openstack-cinder-scheduler-11.2.3~dev5-3.15 is installed OR openstack-cinder-volume-11.2.3~dev5-3.15 is installed OR openstack-dashboard-12.0.4~dev6-3.20 is installed OR openstack-dashboard-theme-SUSE-2017.2+git.1554906711.9dbe79b-7.11 is installed OR openstack-designate-5.0.3~dev7-3.11 is installed OR openstack-designate-agent-5.0.3~dev7-3.11 is installed OR openstack-designate-api-5.0.3~dev7-3.11 is installed OR openstack-designate-central-5.0.3~dev7-3.11 is installed OR openstack-designate-doc-5.0.3~dev7-3.11 is installed OR openstack-designate-producer-5.0.3~dev7-3.11 is installed OR openstack-designate-sink-5.0.3~dev7-3.11 is installed OR openstack-designate-worker-5.0.3~dev7-3.11 is installed OR openstack-heat-9.0.8~dev3-3.18 is installed OR openstack-heat-api-9.0.8~dev3-3.18 is installed OR openstack-heat-api-cfn-9.0.8~dev3-3.18 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev3-3.18 is installed OR openstack-heat-doc-9.0.8~dev3-3.18 is installed OR openstack-heat-engine-9.0.8~dev3-3.18 is installed OR openstack-heat-gbp-7.0.1~dev1-3.3 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev3-3.18 is installed OR openstack-heat-test-9.0.8~dev3-3.18 is installed OR openstack-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed OR openstack-ironic-9.1.8~dev5-3.18 is installed OR openstack-ironic-api-9.1.8~dev5-3.18 is installed OR openstack-ironic-conductor-9.1.8~dev5-3.18 is installed OR openstack-ironic-doc-9.1.8~dev5-3.18 is installed OR openstack-keystone-12.0.4~dev2-5.19 is installed OR openstack-keystone-doc-12.0.4~dev2-5.19 is installed OR openstack-monasca-agent-2.2.5~dev2-3.9 is installed OR openstack-monasca-api-2.2.1~dev26-3.12 is installed OR openstack-monasca-log-api-2.3.1~dev12-3.6 is installed OR openstack-neutron-11.0.9~dev28-3.18 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-doc-11.0.9~dev28-3.18 is installed OR openstack-neutron-fwaas-11.0.3~dev1-3.14 is installed OR openstack-neutron-fwaas-doc-11.0.3~dev1-3.14 is installed OR openstack-neutron-gbp-7.3.1~dev28-3.3 is installed OR openstack-neutron-ha-tool-11.0.9~dev28-3.18 is installed OR openstack-neutron-l3-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-lbaas-11.0.4~dev6-3.9 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.9 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.9 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-metadata-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-metering-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev28-3.18 is installed OR openstack-neutron-server-11.0.9~dev28-3.18 is installed OR openstack-neutron-vpn-agent-11.0.1~dev5-3.12 is installed OR openstack-neutron-vpnaas-11.0.1~dev5-3.12 is installed OR openstack-neutron-vpnaas-doc-11.0.1~dev5-3.12 is installed OR openstack-neutron-vyatta-agent-11.0.1~dev5-3.12 is installed OR openstack-nova-16.1.9~dev3-3.23 is installed OR openstack-nova-api-16.1.9~dev3-3.23 is installed OR openstack-nova-cells-16.1.9~dev3-3.23 is installed OR openstack-nova-compute-16.1.9~dev3-3.23 is installed OR openstack-nova-conductor-16.1.9~dev3-3.23 is installed OR openstack-nova-console-16.1.9~dev3-3.23 is installed OR openstack-nova-consoleauth-16.1.9~dev3-3.23 is installed OR openstack-nova-doc-16.1.9~dev3-3.23 is installed OR openstack-nova-novncproxy-16.1.9~dev3-3.23 is installed OR openstack-nova-placement-api-16.1.9~dev3-3.23 is installed OR openstack-nova-scheduler-16.1.9~dev3-3.23 is installed OR openstack-nova-serialproxy-16.1.9~dev3-3.23 is installed OR openstack-nova-vncproxy-16.1.9~dev3-3.23 is installed OR openstack-trove-8.0.1~dev13-3.9 is installed OR openstack-trove-api-8.0.1~dev13-3.9 is installed OR openstack-trove-conductor-8.0.1~dev13-3.9 is installed OR openstack-trove-doc-8.0.1~dev13-3.9 is installed OR openstack-trove-guestagent-8.0.1~dev13-3.9 is installed OR openstack-trove-taskmanager-8.0.1~dev13-3.9 is installed OR python-Django-1.11.20-3.7 is installed OR python-aodh-5.1.1~dev7-3.11 is installed OR python-barbican-5.0.2~dev3-3.14 is installed OR python-ceilometer-9.0.8~dev7-3.12 is installed OR python-cinder-11.2.3~dev5-3.15 is installed OR python-cliff-2.8.3-3.6 is installed OR python-designate-5.0.3~dev7-3.11 is installed OR python-freezerclient-1.5.1-3.3 is installed OR python-freezerclient-doc-1.5.1-3.3 is installed OR python-heat-9.0.8~dev3-3.18 is installed OR python-heat-gbp-7.0.1~dev1-3.3 is installed OR python-horizon-12.0.4~dev6-3.20 is installed OR python-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed OR python-ironic-9.1.8~dev5-3.18 is installed OR python-ironicclient-1.17.2-3.3 is installed OR python-ironicclient-doc-1.17.2-3.3 is installed OR python-keystone-12.0.4~dev2-5.19 is installed OR python-magnumclient-2.7.1-3.3 is installed OR python-magnumclient-doc-2.7.1-3.3 is installed OR python-manilaclient-1.17.4-3.6 is installed OR python-manilaclient-doc-1.17.4-3.6 is installed OR python-monasca-agent-2.2.5~dev2-3.9 is installed OR python-monasca-api-2.2.1~dev26-3.12 is installed OR python-monasca-log-api-2.3.1~dev12-3.6 is installed OR python-muranoclient-0.14.1-3.3 is installed OR python-muranoclient-doc-0.14.1-3.3 is installed OR python-neutron-11.0.9~dev28-3.18 is installed OR python-neutron-fwaas-11.0.3~dev1-3.14 is installed OR python-neutron-gbp-7.3.1~dev28-3.3 is installed OR python-neutron-lbaas-11.0.4~dev6-3.9 is installed OR python-neutron-vpnaas-11.0.1~dev5-3.12 is installed OR python-nova-16.1.9~dev3-3.23 is installed OR python-novaclient-9.1.3-3.6 is installed OR python-novaclient-doc-9.1.3-3.6 is installed OR python-openstackclient-3.12.2-3.3 is installed OR python-os-brick-1.15.9-3.6 is installed OR python-os-client-config-1.28.1-3.3 is installed OR python-os-vif-1.7.2-3.3 is installed OR python-os-win-2.2.1-3.3 is installed OR python-oslo.cache-1.25.2-3.3 is installed OR python-oslo.concurrency-3.21.2-3.3 is installed OR python-oslo.config-4.11.2-3.3 is installed OR python-oslo.config-doc-4.11.2-3.3 is installed OR python-oslo.i18n-3.17.2-3.3 is installed OR python-oslo.log-3.30.3-3.3 is installed OR python-oslo.messaging-5.30.8-3.8 is installed OR python-oslo.middleware-3.30.2-3.3 is installed OR python-oslo.policy-1.25.4-3.6 is installed OR python-oslo.privsep-1.22.2-3.3 is installed OR python-oslo.reports-1.22.2-3.3 is installed OR python-oslo.utils-3.28.4-3.6 is installed OR python-oslo.versionedobjects-1.26.3-3.6 is installed OR python-oslo.vmware-2.23.2-3.3 is installed OR python-oslotest-2.17.2-3.3 is installed OR python-python-subunit-1.2.0-4.3 is installed OR python-saharaclient-1.3.1-3.3 is installed OR python-saharaclient-doc-1.3.1-3.3 is installed OR python-swiftclient-3.4.1-3.3 is installed OR python-swiftclient-doc-3.4.1-3.3 is installed OR python-trove-8.0.1~dev13-3.9 is installed OR python-zaqarclient-1.7.1-3.3 is installed OR supportutils-plugin-suse-openstack-cloud-8.0.1551262227.7a7deb6-3.3 is installed

BACK