Oval Definition: oval:org.opensuse.security:def:56773
Revision Date: 2020-12-01
Version: 1
Title: Security update for ImageMagick (Moderate)
Description:

This update for ImageMagick fixes several issues.

These security issues were fixed:

- CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in coders/pattern.c (bsc#1074973)
- CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in MagickWand/montage.c (bsc#1074975)
- CVE-2018-5247: Fixed memory leak vulnerability in ReadRLAImage in coders/rla.c (bsc#1074969)
- CVE-2017-12672: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (bsc#1052720)
- CVE-2017-13060: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted file (bsc#1055065)
- CVE-2017-11724: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c involving the quantum_info and clone_info data structures (bsc#1051446)
- CVE-2017-12670: Added validation in coders/mat.c to prevent an assertion failure in the function DestroyImage in MagickCore/image.c, which allowed attackers to cause a denial of service (bsc#1052731)
- CVE-2017-12667: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1052732)
- CVE-2017-13146: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1055323)
- CVE-2017-10800: Processing MATLAB images in coders/mat.c could have led to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object was larger than the actual amount of data (bsc#1047044)
- CVE-2017-13648: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1055434)
- CVE-2017-11141: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c that could have caused memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call (bsc#1047898)
- CVE-2017-11529: The ReadMATImage function in coders/mat.c allowed remote attackers to cause a denial of service (memory leak) via a crafted file (bsc#1050120)
- CVE-2017-12564: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (bsc#1052468)
- CVE-2017-12434: Added a missing NULL check in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c (bsc#1052550)
- CVE-2017-12675: Added a missing check for multidimensional data in coders/mat.c that could have led to a memory leak in the function ReadImage in MagickCore/constitute.c, which allowed attackers to cause a denial of service (bsc#1052710)
- CVE-2017-14326: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted file (bsc#1058640)
- CVE-2017-11644: Processing a crafted file in convert could have led to a memory leak in the ReadMATImage() function in coders/mat.c (bsc#1050606)
- CVE-2017-13658: Added a missing NULL check in the ReadMATImage function in coders/mat.c, which could have led to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c (bsc#1055855)
- CVE-2017-14533: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1059751)
- CVE-2017-17881: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted MAT image file (bsc#1074123)

Family: unix
Class: patch
Status:
Reference(s):
1001203
1004455
1009085
1014437
1014441
1014442
1020905
1022053
1032248
1047044
1047898
1050120
1050606
1051446
1052468
1052550
1052710
1052720
1052731
1052732
1053043
1055065
1055323
1055434
1055855
1058640
1059751
1066223
1074123
1074969
1074973
1074975
1086598
1094555
1108382
1109137
1111188
1119086
1120902
1121263
1125580
1126961
1127155
1129770
1131335
1131336
1131645
1132390
1133140
1133190
1133191
1133738
1134395
1135642
1136598
1136889
1136922
1136935
1137004
1137194
1137597
1137739
1137749
1137752
1137915
1138291
1138293
1138374
1138681
1139751
1140575
1140577
1140747
1144524
1160305
1160498
1166847
1170715
1172698
1172704
1174633
1174635
1174638
854512
867943
932386
975299
982178
983232
983234
983253
983259
983292
983305
983308
983521
983523
983527
983533
983739
983746
983752
983774
983794
983796
983799
983803
984014
984018
984023
984028
984032
984035
984135
984137
984142
984144
984145
984149
984150
984160
984166
984172
984179
984181
984183
984184
984185
984186
984187
984191
984193
984370
984372
984373
984374
984375
984379
984394
984398
984400
984401
984404
984406
984408
984409
984427
984433
984436
985442
985448
985451
985456
985460
986608
986609
986675
991564
994500
997833
CVE-2013-2186
CVE-2014-0050
CVE-2014-9805
CVE-2014-9806
CVE-2014-9807
CVE-2014-9808
CVE-2014-9809
CVE-2014-9810
CVE-2014-9811
CVE-2014-9812
CVE-2014-9813
CVE-2014-9814
CVE-2014-9815
CVE-2014-9816
CVE-2014-9817
CVE-2014-9818
CVE-2014-9819
CVE-2014-9820
CVE-2014-9821
CVE-2014-9822
CVE-2014-9823
CVE-2014-9824
CVE-2014-9825
CVE-2014-9826
CVE-2014-9828
CVE-2014-9829
CVE-2014-9830
CVE-2014-9831
CVE-2014-9832
CVE-2014-9833
CVE-2014-9834
CVE-2014-9835
CVE-2014-9836
CVE-2014-9837
CVE-2014-9838
CVE-2014-9839
CVE-2014-9840
CVE-2014-9841
CVE-2014-9842
CVE-2014-9843
CVE-2014-9844
CVE-2014-9845
CVE-2014-9846
CVE-2014-9847
CVE-2014-9848
CVE-2014-9849
CVE-2014-9850
CVE-2014-9851
CVE-2014-9852
CVE-2014-9853
CVE-2014-9854
CVE-2015-7236
CVE-2015-8894
CVE-2015-8895
CVE-2015-8896
CVE-2015-8897
CVE-2015-8898
CVE-2015-8900
CVE-2015-8901
CVE-2015-8902
CVE-2015-8903
CVE-2016-2123
CVE-2016-2125
CVE-2016-2126
CVE-2016-2183
CVE-2016-4562
CVE-2016-4563
CVE-2016-4564
CVE-2016-5118
CVE-2016-5546
CVE-2016-5547
CVE-2016-5548
CVE-2016-5549
CVE-2016-5552
CVE-2016-5687
CVE-2016-5688
CVE-2016-5689
CVE-2016-5690
CVE-2016-5691
CVE-2016-5841
CVE-2016-5842
CVE-2017-10800
CVE-2017-11141
CVE-2017-11529
CVE-2017-11644
CVE-2017-11724
CVE-2017-12434
CVE-2017-12564
CVE-2017-12667
CVE-2017-12670
CVE-2017-12672
CVE-2017-12675
CVE-2017-13060
CVE-2017-13146
CVE-2017-13648
CVE-2017-13658
CVE-2017-14326
CVE-2017-14533
CVE-2017-17881
CVE-2017-18022
CVE-2017-2669
CVE-2017-3231
CVE-2017-3241
CVE-2017-3252
CVE-2017-3253
CVE-2017-3260
CVE-2017-3261
CVE-2017-3272
CVE-2017-3289
CVE-2018-20836
CVE-2018-3741
CVE-2018-5246
CVE-2018-5247
CVE-2019-10126
CVE-2019-10638
CVE-2019-10639
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-11599
CVE-2019-12380
CVE-2019-12456
CVE-2019-12614
CVE-2019-12818
CVE-2019-12819
CVE-2019-13456
CVE-2019-17015
CVE-2019-17016
CVE-2019-17017
CVE-2019-17021
CVE-2019-17022
CVE-2019-17024
CVE-2019-17026
CVE-2019-17185
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-8023
SUSE-SU-2016:1570-1
SUSE-SU-2016:1784-1
SUSE-SU-2016:2871-1
SUSE-SU-2016:3272-1
SUSE-SU-2017:0346-1
SUSE-SU-2017:1250-1
SUSE-SU-2018:0130-1
SUSE-SU-2019:1924-1
SUSE-SU-2019:2182-1
SUSE-SU-2020:0068-1
SUSE-SU-2020:1859-1
SUSE-SU-2020:2331-1
SUSE-SU-2020:2391-1
Platform(s):
openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND argyllcms-1.9.2-lp150.2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.3 is installed
  • OR libu2f-host0-1.1.6-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.26 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-71.26 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.26 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.26 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-30 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-30 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-30 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_99-default-10-2 is installed
  • OR kgraft-patch-3_12_74-60_64_99-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_30-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • jakarta-commons-fileupload-1.1.1-120 is installed
  • OR jakarta-commons-fileupload-javadoc-1.1.1-120 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-8-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • hplip-3.16.11-1 is installed
  • OR hplip-hpijs-3.16.11-1 is installed
  • OR hplip-sane-3.16.11-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-112.3 is installed
  • OR MozillaFirefox-branding-SLE-78-35.3 is installed
  • OR MozillaFirefox-devel-78.0.1-112.3 is installed
  • OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libldap-2_4-2-2.4.41-18.68 is installed
  • OR libldap-2_4-2-32bit-2.4.41-18.68 is installed
  • OR openldap2-2.4.41-18.68 is installed
  • OR openldap2-back-meta-2.4.41-18.68 is installed
  • OR openldap2-client-2.4.41-18.68 is installed
  • OR openldap2-doc-2.4.41-18.68 is installed
  • OR openldap2-ppolicy-check-password-1.2-18.68 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_103-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libjasper1-1.900.14-195.8 is installed
  • OR libjasper1-32bit-1.900.14-195.8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-urllib3-1.22-5.6 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libecpg6-10.12-1.18 is installed
  • OR libpq5-10.12-1.18 is installed
  • OR libpq5-32bit-10.12-1.18 is installed
  • OR postgresql10-10.12-1.18 is installed
  • OR postgresql10-contrib-10.12-1.18 is installed
  • OR postgresql10-docs-10.12-1.18 is installed
  • OR postgresql10-libs-10.12-1.18 is installed
  • OR postgresql10-plperl-10.12-1.18 is installed
  • OR postgresql10-plpython-10.12-1.18 is installed
  • OR postgresql10-pltcl-10.12-1.18 is installed
  • OR postgresql10-server-10.12-1.18 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Django1-1.11.20-3.3 is installed