Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for ImageMagick (Moderate) |
Description: |
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-18027: Prevent memory leak vulnerability in the function ReadMATImage which allowed remote attackers to cause a denial of service via a crafted file (bsc#1076051)
- CVE-2017-18029: Prevent memory leak in the function ReadMATImage which allowed remote attackers to cause a denial of service via a crafted file (bsc#1076021)
- CVE-2017-17681: Prevent infinite loop in the function ReadPSDChannelZip in coders/psd.c, which allowed attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file (bsc#1072901).
- CVE-2017-18008: Prevent memory leak in ReadPWPImage which allowed attackers to cause a denial of service via a PWP file (bsc#1074309).
- CVE-2018-5685: Prevent infinite loop and application hang in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value (bsc#1075939)
- CVE-2017-11639: Prevent heap-based buffer over-read in the WriteCIPImage() function, related to the GetPixelLuma function in MagickCore/pixel-accessor.h (bsc#1050635)
- CVE-2017-11525: Prevent memory consumption in the ReadCINImage function that allowed remote attackers to cause a denial of service (bsc#1050098)
- CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043353).
- CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043354).
- CVE-2017-10995: The mng_get_long function in coders/png.c allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image (bsc#1047908).
- CVE-2017-11539: Prevent memory leak in the ReadOnePNGImage() function in coders/png.c (bsc#1050037).
- CVE-2017-11505: The ReadOneJNGImage function in coders/png.c allowed remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file (bsc#1050072).
- CVE-2017-11526: The ReadOneMNGImage function in coders/png.c allowed remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file (bsc#1050100).
- CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file (bsc#1051442).
- CVE-2017-12565: Prevent memory leak in the function ReadOneJNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052470).
- CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052708).
- CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052717).
- CVE-2017-12671: Added NULL assignment in coders/png.c to prevent an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allowed attackers to cause a denial of service (bsc#1052721).
- CVE-2017-12643: Prevent a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c (bsc#1052768).
- CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in coders\png.c (bsc#1052777).
- CVE-2017-12640: Prevent an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c (bsc#1052781).
- CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c (bsc#1054600).
- CVE-2017-13059: Prevent memory leak in the function WriteOneJNGImage in coders/png.c, which allowed attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file (bsc#1055068).
- CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value (bsc#1055374).
- CVE-2017-13142: Added additional checks for short files to prevent a crafted PNG file from triggering a crash (bsc#1055455).
- CVE-2017-13141: Prevent memory leak in ReadOnePNGImage in coders/png.c (bsc#1055456).
- CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in coders/png.c did not properly manage image pointers after certain error conditions, which allowed remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call (bsc#1057000).
- CVE-2017-14649: ReadOneJNGImage in coders/png.c did not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash) (bsc#1060162).
- CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c (bsc#1062752).
- CVE-2017-17504: Prevent heap-based buffer over-read via a crafted file in Magick_png_read_raw_profile, related to ReadOneMNGImage (bsc#1072362).
- CVE-2017-17884: Prevent memory leak in the function WriteOnePNGImage in coders/png.c, which allowed attackers to cause a denial of service via a crafted PNG image file (bsc#1074120).
- CVE-2017-17879: Prevent heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error (bsc#1074125).
- CVE-2017-17914: Prevent crafted files from causing a large loop in ReadOneMNGImage (bsc#1074185).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1016715 1019074 1034560 1042146 1043353 1043354 1047908 1050037 1050072 1050098 1050100 1050635 1051442 1052286 1052470 1052708 1052717 1052721 1052768 1052777 1052781 1054600 1055068 1055374 1055455 1055456 1057000 1057389 1060162 1062752 1072362 1072901 1074120 1074125 1074185 1074309 1075939 1076021 1076051 1077291 1077355 1085276 1104826 1106515 1108033 1115960 1118159 1118900 1120657 1127558 1128954 1128987 1131053 1131961 1132860 1133719 1133722 1136784 1143475 1145796 1145867 1148383 1150733 1150895 1151021 1152916 1160467 1160468 864391 864655 864769 864805 864811 877642 897654 901508 902737 918089 918090 924018 927451 928393 932339 943214 945404 945989 951844 952347 954872 955753 956829 957162 957698 957988 958007 958009 958491 958523 958917 959005 959332 959387 959695 960334 960707 960725 960835 960861 960862 961332 961358 961691 962320 963782 963923 964206 964413 965315 965317 967012 967013 967969 967970 969121 969122 969350 970708 973213 974270 975500 976864 980328 984799 987862 989972 990200 CVE-2011-1006 CVE-2011-1022 CVE-2013-4533 CVE-2013-4534 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2014-0222 CVE-2014-3640 CVE-2014-3689 CVE-2014-7815 CVE-2014-9718 CVE-2015-1142857 CVE-2015-1606 CVE-2015-1607 CVE-2015-1779 CVE-2015-5278 CVE-2015-6855 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345 CVE-2015-8504 CVE-2015-8550 CVE-2015-8554 CVE-2015-8555 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2015-8817 CVE-2015-8818 CVE-2016-10127 CVE-2016-1568 CVE-2016-1570 CVE-2016-1571 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-2270 CVE-2016-2271 CVE-2016-2391 CVE-2016-2392 CVE-2016-2533 CVE-2016-2538 CVE-2016-2841 CVE-2016-4009 CVE-2016-4975 CVE-2016-5759 CVE-2016-8743 CVE-2017-1000251 CVE-2017-1000368 CVE-2017-10995 CVE-2017-11505 CVE-2017-11525 CVE-2017-11526 CVE-2017-11539 CVE-2017-11639 CVE-2017-11750 CVE-2017-12565 CVE-2017-12640 CVE-2017-12641 
CVE-2017-12643 CVE-2017-12671 CVE-2017-12673 CVE-2017-12676 CVE-2017-12935 CVE-2017-13059 CVE-2017-13141 CVE-2017-13142 CVE-2017-13147 CVE-2017-14103 CVE-2017-14649 CVE-2017-15218 CVE-2017-17504 CVE-2017-17681 CVE-2017-17879 CVE-2017-17884 CVE-2017-17914 CVE-2017-18008 CVE-2017-18027 CVE-2017-18029 CVE-2017-9261 CVE-2017-9262 CVE-2018-15727 CVE-2018-19039 CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117 CVE-2018-5246 CVE-2018-558213 CVE-2018-5685 CVE-2018-7750 CVE-2019-14835 CVE-2019-14896 CVE-2019-14897 CVE-2019-15043 CVE-2019-3689 CVE-2019-5477 SUSE-SU-2015:2171-2 SUSE-SU-2016:0873-1 SUSE-SU-2016:2553-1 SUSE-SU-2017:1627-1 SUSE-SU-2017:2459-1 SUSE-SU-2018:0349-1 SUSE-SU-2018:0374-1 SUSE-SU-2018:0674-1 SUSE-SU-2018:0873-1 SUSE-SU-2018:2815-1 SUSE-SU-2019:2334-1 SUSE-SU-2019:2613-1 SUSE-SU-2019:2671-1 SUSE-SU-2019:2781-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed
AND Package Information
grub2-2.02-lp150.12 is installed
OR grub2-i386-pc-2.02-lp150.12 is installed
OR grub2-snapper-plugin-2.02-lp150.12 is installed
OR grub2-systemd-sleep-plugin-2.02-lp150.12 is installed
OR grub2-x86_64-efi-2.02-lp150.12 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
kernel-debug-4.12.14-lp151.28.4 is installed
OR kernel-debug-base-4.12.14-lp151.28.4 is installed
OR kernel-debug-devel-4.12.14-lp151.28.4 is installed
OR kernel-default-4.12.14-lp151.28.4 is installed
OR kernel-default-base-4.12.14-lp151.28.4 is installed
OR kernel-default-devel-4.12.14-lp151.28.4 is installed
OR kernel-devel-4.12.14-lp151.28.4 is installed
OR kernel-docs-4.12.14-lp151.28.4 is installed
OR kernel-docs-html-4.12.14-lp151.28.4 is installed
OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed
OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed
OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed
OR kernel-macros-4.12.14-lp151.28.4 is installed
OR kernel-obs-build-4.12.14-lp151.28.4 is installed
OR kernel-obs-qa-4.12.14-lp151.28.4 is installed
OR kernel-source-4.12.14-lp151.28.4 is installed
OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed
OR kernel-syms-4.12.14-lp151.28.4 is installed
OR kernel-vanilla-4.12.14-lp151.28.4 is installed
OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed
OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
ImageMagick-6.8.8.1-71.33 is installed
OR libMagick++-6_Q16-3-6.8.8.1-71.33 is installed
OR libMagickCore-6_Q16-1-6.8.8.1-71.33 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.33 is installed
OR libMagickWand-6_Q16-1-6.8.8.1-71.33 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
gpg2-2.0.24-3 is installed
OR gpg2-lang-2.0.24-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kernel-default-3.12.74-60.64.60 is installed
OR kernel-default-base-3.12.74-60.64.60 is installed
OR kernel-default-devel-3.12.74-60.64.60 is installed
OR kernel-default-man-3.12.74-60.64.60 is installed
OR kernel-devel-3.12.74-60.64.60 is installed
OR kernel-macros-3.12.74-60.64.60 is installed
OR kernel-source-3.12.74-60.64.60 is installed
OR kernel-syms-3.12.74-60.64.60 is installed
OR kernel-xen-3.12.74-60.64.60 is installed
OR kernel-xen-base-3.12.74-60.64.60 is installed
OR kernel-xen-devel-3.12.74-60.64.60 is installed
OR kgraft-patch-3_12_74-60_64_60-default-1-2 is installed
OR kgraft-patch-3_12_74-60_64_60-xen-1-2 is installed
OR kgraft-patch-SLE12-SP1_Update_21-1-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
libcgroup-tools-0.41.rc1-4 is installed
OR libcgroup1-0.41.rc1-4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND atftp-0.7.0-160.8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
glibc-2.22-62.13 is installed
OR glibc-32bit-2.22-62.13 is installed
OR glibc-devel-2.22-62.13 is installed
OR glibc-devel-32bit-2.22-62.13 is installed
OR glibc-html-2.22-62.13 is installed
OR glibc-i18ndata-2.22-62.13 is installed
OR glibc-info-2.22-62.13 is installed
OR glibc-locale-2.22-62.13 is installed
OR glibc-locale-32bit-2.22-62.13 is installed
OR glibc-profile-2.22-62.13 is installed
OR glibc-profile-32bit-2.22-62.13 is installed
OR nscd-2.22-62.13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
java-1_8_0-openjdk-1.8.0.171-27.19 is installed
OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed
OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed
OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND ft2demos-2.6.3-7.10 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND mutt-1.10.1-55.11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
libpython3_4m1_0-3.4.10-25.39 is installed
OR python3-3.4.10-25.39 is installed
OR python3-base-3.4.10-25.39 is installed
OR python3-curses-3.4.10-25.39 is installed
OR python3-devel-3.4.10-25.39 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND davfs2-1.5.2-2 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 6 is installed
AND sudo-1.8.10p3-2.16 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
apache2-2.4.23-29.24 is installed
OR apache2-doc-2.4.23-29.24 is installed
OR apache2-example-pages-2.4.23-29.24 is installed
OR apache2-prefork-2.4.23-29.24 is installed
OR apache2-utils-2.4.23-29.24 is installed
OR apache2-worker-2.4.23-29.24 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND gdb-8.3.1-2.14 is installed
|