Oval Definition:oval:org.opensuse.security:def:56842
Revision Date:2020-12-01Version:1
Title:Security update for ImageMagick (Moderate)
Description:

This update for ImageMagick fixes the following issues:

Security issues fixed:

- CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage() (bsc#1138464). - Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425).- CVE-2019-11472: Fixed a denial of service in ReadXWDImage() (bsc#1133204). - CVE-2019-11470: Fixed a denial of service in ReadCINImage() (bsc#1133205). - CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage() (bsc#1133498). - CVE-2019-11505: Fixed a heap-based buffer overflow in the WritePDBImage() (bsc#1133501). - CVE-2019-10131: Fixed a off-by-one read in formatIPTCfromBuffer function in coders/meta.c (bsc#1134075). - CVE-2017-12806: Fixed a denial of service through memory exhaustion in format8BIM() (bsc#1135232). - CVE-2017-12805: Fixed a denial of service through memory exhaustion in ReadTIFFImage() (bsc#1135236). - CVE-2019-11598: Fixed a heap-based buffer over-read in WritePNMImage() (bsc#1136732) We also now disable PCL in the -SUSE configuration, as it also uses ghostscript for decoding (bsc#1136183)
Family:unixClass:patch
Status:Reference(s):1001600
1021578
1025950
1025951
1051791
1058425
1064569
1064580
1064583
1068664
1082023
1084604
1087066
1090023
1090024
1090025
1090026
1090027
1090028
1090029
1090030
1090032
1090033
1094161
1111634
1111635
1113231
1116717
1117275
1119493
1123156
1133204
1133205
1133498
1133501
1134075
1135232
1135236
1136183
1136732
1138425
1138464
1154609
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1159208
1159623
1168630
865241
974092
974655
979261
979906
980722
994989
CVE-2009-0793
CVE-2012-0876
CVE-2013-4276
CVE-2013-7447
CVE-2016-0718
CVE-2016-4472
CVE-2016-4574
CVE-2016-4579
CVE-2016-4912
CVE-2016-6855
CVE-2016-7567
CVE-2016-9063
CVE-2017-1000158
CVE-2017-12132
CVE-2017-12805
CVE-2017-12806
CVE-2017-13672
CVE-2017-13673
CVE-2017-14482
CVE-2017-15670
CVE-2017-15671
CVE-2017-15804
CVE-2017-9233
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-11236
CVE-2018-16872
CVE-2018-19364
CVE-2018-19489
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2815
CVE-2018-7858
CVE-2019-10131
CVE-2019-11470
CVE-2019-11472
CVE-2019-11505
CVE-2019-11506
CVE-2019-11597
CVE-2019-11598
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-18197
CVE-2019-19604
CVE-2019-6778
CVE-2020-6819
CVE-2020-6820
SUSE-SU-2016:1510-1
SUSE-SU-2016:2661-1
SUSE-SU-2017:0695-1
SUSE-SU-2017:2529-1
SUSE-SU-2018:1690-1
SUSE-SU-2018:2185-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:0489-1
SUSE-SU-2019:1712-1
SUSE-SU-2019:3311-1
SUSE-SU-2020:0497-1
SUSE-SU-2020:0920-2
SUSE-SU-2020:0928-1
SUSE-SU-403
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • evince-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR evince-lang-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR libevdocument3-4-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR libevview3-3-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR nautilus-evince-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp150.2 is installed
  • OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND system-user-root-20190513-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.123 is installed
  • OR ImageMagick-config-6-SUSE-6.8.8.1-71.123 is installed
  • OR ImageMagick-config-6-upstream-6.8.8.1-71.123 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-71.123 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.123 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.123 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.123 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • python-cryptography-1.3.1-7.13 is installed
  • OR python-pyOpenSSL-16.0.0-4.11 is installed
  • OR python-setuptools-18.0.1-4.8 is installed
  • OR python3-cryptography-1.3.1-7.13 is installed
  • OR python3-pyOpenSSL-16.0.0-4.11 is installed
  • OR python3-setuptools-18.0.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • openslp-2.0.0-17 is installed
  • OR openslp-32bit-2.0.0-17 is installed
  • OR openslp-server-2.0.0-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • emacs-24.3-25.3 is installed
  • OR emacs-el-24.3-25.3 is installed
  • OR emacs-info-24.3-25.3 is installed
  • OR emacs-nox-24.3-25.3 is installed
  • OR emacs-x11-24.3-25.3 is installed
  • OR etags-24.3-25.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • eog-3.20.4-7 is installed
  • OR eog-lang-3.20.4-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libvirt-2.0.0-27.45 is installed
  • OR libvirt-client-2.0.0-27.45 is installed
  • OR libvirt-daemon-2.0.0-27.45 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.45 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.45 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.45 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.45 is installed
  • OR libvirt-daemon-xen-2.0.0-27.45 is installed
  • OR libvirt-doc-2.0.0-27.45 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.45 is installed
  • OR libvirt-nss-2.0.0-27.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libidn-tools-1.28-4 is installed
  • OR libidn11-1.28-4 is installed
  • OR libidn11-32bit-1.28-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.19 is installed
  • OR libvncclient0-0.9.9-17.19 is installed
  • OR libvncserver0-0.9.9-17.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libtag1-1.9.1-1 is installed
  • OR libtag_c0-1.9.1-1 is installed
  • OR taglib-1.9.1-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Werkzeug-0.12.2-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Werkzeug-0.14.1-3.3 is installed
    • BACK