OVAL Reference oval:org.opensuse.security:def:56934

Oval Definition:

oval:org.opensuse.security:def:56934

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ImageMagick (Moderate)
Description:	This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel() (bsc#1130330). - CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage() (bsc#1131317). - CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function (bsc#1128649). - CVE-2018-20467: Fixed infinite loop in coders/bmp.c (bsc#1120381). - CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage (bsc#1124365). - CVE-2019-7397: Fixed a memory leak in the function WritePDFImage (bsc#1124366). - CVE-2019-7395: Fixed a memory leak in the function WritePSDChannel (bsc#1124368). - CVE-2018-16413: Fixed a heap-based buffer over-read in PushShortPixel() (bsc#1106989). - CVE-2018-16412: Fixed a heap-based buffer over-read in ParseImageResourceBlocks() (bsc#1106996). - CVE-2018-16644: Fixed a regression in dcm coder (bsc#1107609). - CVE-2019-11007: Fixed a heap-based buffer overflow in ReadMNGImage() (bsc#1132060). - CVE-2019-11008: Fixed a heap-based buffer overflow in WriteXWDImage() (bsc#1132054). - CVE-2019-11009: Fixed a heap-based buffer over-read in ReadXWDImage() (bsc#1132053). - Added extra -config- packages with Postscript/EPS/PDF readers still enabled. Removing the PS decoders is used to harden ImageMagick against security issues within ghostscript. Enabling them might impact security. (bsc#1122033) These are two packages that can be selected: - ImageMagick-config-6-SUSE: This has the PS decoders disabled. - ImageMagick-config-6-upstream: This has the PS decoders enabled. Depending on your local needs install either one of them. The default is the -SUSE configuration.
Family:	unix	Class:	patch
Status:		Reference(s):	1013669 1025950 1025951 1034674 1034678 1038564 1041783 1042802 1042803 1042892 1043088 1044887 1044894 1045327 1045719 1045721 1051684 1051685 1052311 1052368 1053259 1067203 1068565 1072193 1077999 1082216 1082233 1082234 1087932 1096718 1106989 1106996 1107609 1112039 1120381 1122033 1124365 1124366 1124368 1128649 1130330 1131317 1132053 1132054 1132060 1140868 1159646 1173160 1174120 924519 929629 936862 968973 971965 972197 973031 973032 973033 973034 973036 973832 974092 974629 990636 CVE-2014-3618 CVE-2014-8146 CVE-2014-8147 CVE-2014-9273 CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-6293 CVE-2016-9811 CVE-2017-1000112 CVE-2017-14952 CVE-2017-15274 CVE-2017-15422 CVE-2017-17484 CVE-2017-7375 CVE-2017-7376 CVE-2017-7511 CVE-2017-7515 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2017-7867 CVE-2017-7868 CVE-2017-8890 CVE-2017-9242 CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2018-12015 CVE-2018-16412 CVE-2018-16413 CVE-2018-16644 CVE-2018-18386 CVE-2018-20467 CVE-2018-6797 CVE-2018-6798 CVE-2018-6913 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-17571 CVE-2019-7175 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-9811 CVE-2019-9956 CVE-2020-10745 SUSE-SU-2016:1024-1 SUSE-SU-2017:0242-1 SUSE-SU-2017:0695-1 SUSE-SU-2017:1999-1 SUSE-SU-2017:2355-1 SUSE-SU-2017:2791-1 SUSE-SU-2018:1401-1 SUSE-SU-2018:1972-1 SUSE-SU-2019:1033-1 SUSE-SU-2019:1861-1 SUSE-SU-2020:0054-1 SUSE-SU-2020:2312-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libaudit1-2.8.1-lp150.3 is installed OR libaudit1-32bit-2.8.1-lp150.3 is installed OR libauparse0-2.8.1-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information exim-4.88-lp151.4.6 is installed OR eximon-4.88-lp151.4.6 is installed OR eximstats-html-4.88-lp151.4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.108 is installed OR ImageMagick-config-6-SUSE-6.8.8.1-71.108 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.108 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.108 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.108 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.108 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.108 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libdcerpc-binding0-4.2.4-16 is installed OR libdcerpc-binding0-32bit-4.2.4-16 is installed OR libdcerpc0-4.2.4-16 is installed OR libdcerpc0-32bit-4.2.4-16 is installed OR libgensec0-4.2.4-16 is installed OR libgensec0-32bit-4.2.4-16 is installed OR libndr-krb5pac0-4.2.4-16 is installed OR libndr-krb5pac0-32bit-4.2.4-16 is installed OR libndr-nbt0-4.2.4-16 is installed OR libndr-nbt0-32bit-4.2.4-16 is installed OR libndr-standard0-4.2.4-16 is installed OR libndr-standard0-32bit-4.2.4-16 is installed OR libndr0-4.2.4-16 is installed OR libndr0-32bit-4.2.4-16 is installed OR libnetapi0-4.2.4-16 is installed OR libnetapi0-32bit-4.2.4-16 is installed OR libregistry0-4.2.4-16 is installed OR libsamba-credentials0-4.2.4-16 is installed OR libsamba-credentials0-32bit-4.2.4-16 is installed OR libsamba-hostconfig0-4.2.4-16 is installed OR libsamba-hostconfig0-32bit-4.2.4-16 is installed OR libsamba-passdb0-4.2.4-16 is installed OR libsamba-passdb0-32bit-4.2.4-16 is installed OR libsamba-util0-4.2.4-16 is installed OR libsamba-util0-32bit-4.2.4-16 is installed OR libsamdb0-4.2.4-16 is installed OR libsamdb0-32bit-4.2.4-16 is installed OR libsmbclient-raw0-4.2.4-16 is installed OR libsmbclient-raw0-32bit-4.2.4-16 is installed OR libsmbclient0-4.2.4-16 is installed OR libsmbclient0-32bit-4.2.4-16 is installed OR libsmbconf0-4.2.4-16 is installed OR libsmbconf0-32bit-4.2.4-16 is installed OR libsmbldap0-4.2.4-16 is installed OR libsmbldap0-32bit-4.2.4-16 is installed OR libtevent-util0-4.2.4-16 is installed OR libtevent-util0-32bit-4.2.4-16 is installed OR libwbclient0-4.2.4-16 is installed OR libwbclient0-32bit-4.2.4-16 is installed OR samba-4.2.4-16 is installed OR samba-32bit-4.2.4-16 is installed OR samba-client-4.2.4-16 is installed OR samba-client-32bit-4.2.4-16 is installed OR samba-doc-4.2.4-16 is installed OR samba-libs-4.2.4-16 is installed OR samba-libs-32bit-4.2.4-16 is installed OR samba-winbind-4.2.4-16 is installed OR samba-winbind-32bit-4.2.4-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information postgresql94-9.4.13-21.5 is installed OR postgresql94-contrib-9.4.13-21.5 is installed OR postgresql94-docs-9.4.13-21.5 is installed OR postgresql94-server-9.4.13-21.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libhivex0-1.3.10-4 is installed OR perl-Win-Hivex-1.3.10-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND chrony-2.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libkpathsea6-6.2.0dev-22.3 is installed OR texlive-2013.20130620-22.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND sblim-sfcb-1.4.8-17.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information icu-52.1-8.7 is installed OR libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-Django-1.11.11-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.4-11.18 is installed

BACK