Oval Definition:	oval:org.opensuse.security:def:57943
Revision Date: 2021-01-22 Version: 1 Title: Security update for ImageMagick (Important) Description: This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed an division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362). Family: unix Class: patch Status: Reference(s): 1005886 1012260 1021577 1024051 1026191 1026236 1041469 1041894 1049703 1056126 1056127 1056128 1056129 1056131 1056132 1056136 1057460 1061204 1064786 1065464 1066489 1073210 1073703 1076390 1078436 1081518 1082810 1083093 1085018 1091551 1092697 1093898 1094767 1096515 1096759 1098369 1102682 1103383 1104205 1107343 1108771 1108986 1109209 1109363 1109412 1109413 1109414 1109465 1110506 1110507 1111996 1112534 1112535 1113247 1113252 1113255 1114674 1114988 1116827 1118830 1118831 1118987 1120640 1121034 1121035 1121056 1123157 1126140 1126141 1126192 1126195 1126196 1126198 1126201 1127400 1129623 1133131 1133191 1133232 1138459 1141853 1141913 1142772 1151021 1153674 1162197 1162200 1172798 1172846 1173972 1174753 1174817 1175168 1179103 1179202 1179208 1179212 1179223 1179240 1179244 1179260 1179268 1179269 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321 1179322 1179327 1179333 1179336 1179338 1179339 1179343 1179345 1179346 1179347 1179361 1179362 1179397 703591 839074 857131 893359 929900 955131 966304 CVE-2013-1976 CVE-2014-0050 CVE-2015-5174 CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 CVE-2016-1601 CVE-2016-3092 CVE-2016-8611 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-13734 CVE-2017-16541 CVE-2017-5838 CVE-2018-1000876 CVE-2018-11805 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12381 CVE-2018-12383 CVE-2018-12385 CVE-2018-12386 CVE-2018-12387 CVE-2018-14526 CVE-2018-17358 CVE-2018-17359 CVE-2018-17360 CVE-2018-17985 CVE-2018-18309 CVE-2018-18311 CVE-2018-18483 CVE-2018-18484 CVE-2018-18605 CVE-2018-18606 CVE-2018-18607 CVE-2018-19931 CVE-2018-19932 CVE-2018-19967 CVE-2018-20623 CVE-2018-20651 CVE-2018-20671 CVE-2018-20852 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2657 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-3760 CVE-2018-5390 CVE-2019-1010180 CVE-2019-10160 CVE-2019-11487 CVE-2019-14287 CVE-2019-14835 CVE-2019-6778 CVE-2019-9824 CVE-2020-13844 CVE-2020-1930 CVE-2020-1931 CVE-2020-19667 CVE-2020-25664 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-27750 CVE-2020-27751 CVE-2020-27752 CVE-2020-27753 CVE-2020-27754 CVE-2020-27755 CVE-2020-27757 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 SUSE-SU-2017:0966-1 SUSE-SU-2018:0284-1 SUSE-SU-2018:0743-1 SUSE-SU-2018:2603-1 SUSE-SU-2018:3591-1 SUSE-SU-2019:0921-1 SUSE-SU-2019:1088-1 SUSE-SU-2019:1767-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2264-1 SUSE-SU-2019:2650-1 SUSE-SU-2019:2667-1 SUSE-SU-2020:0810-1 SUSE-SU-2020:3263-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information dbus-1-glib-0.108-lp150.1 is installed OR dbus-1-glib-tool-0.108-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libpolkit0-0.114-lp151.5.3 is installed OR libpolkit0-32bit-0.114-lp151.5.3 is installed OR polkit-0.114-lp151.5.3 is installed OR polkit-devel-0.114-lp151.5.3 is installed OR polkit-doc-0.114-lp151.5.3 is installed OR typelib-1_0-Polkit-1_0-0.114-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_115-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_115-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_34-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information tomcat-8.0.36-11 is installed OR tomcat-admin-webapps-8.0.36-11 is installed OR tomcat-docs-webapp-8.0.36-11 is installed OR tomcat-el-3_0-api-8.0.36-11 is installed OR tomcat-javadoc-8.0.36-11 is installed OR tomcat-jsp-2_3-api-8.0.36-11 is installed OR tomcat-lib-8.0.36-11 is installed OR tomcat-servlet-3_1-api-8.0.36-11 is installed OR tomcat-webapps-8.0.36-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gstreamer-plugins-good-1.8.3-15 is installed OR gstreamer-plugins-good-lang-1.8.3-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ImageMagick-config-6-SUSE-6.8.8.1-71.154.1 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.154.1 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.154.1 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.154.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_57-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information liblua5_2-5.2.4-6 is installed OR liblua5_2-32bit-5.2.4-6 is installed OR lua-5.2.4-6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information crowbar-4.0+git.1528801103.f5708341-7.20 is installed OR crowbar-core-4.0+git.1534246408.3ab19c567-9.33 is installed OR crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33 is installed OR crowbar-devel-4.0+git.1528801103.f5708341-7.20 is installed OR crowbar-ha-4.0+git.1533750802.5768e73-4.34 is installed OR crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39 is installed OR crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.32-3.28 is installed OR mariadb-galera-10.2.32-3.28 is installed
BACK