Oval Definition:oval:org.opensuse.security:def:58574
Revision Date:2020-12-01Version:1
Title:Security update for ImageMagick (Moderate)
Description:





This update for ImageMagick fixes the following issues:

Security issues fixed:

CVE-2017-15033: A denial of service attack (memory leak) was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. (bsc#1049379) * CVE-2017-12433: A memory leak in ReadPESImage in coders/pes.c was fixed. (bsc#1052545) * CVE-2017-12428: A memory leak in ReadWMFImage in coders/wmf.c was fixed. (bsc#1052249) * CVE-2017-12431: A use-after-free in ReadWMFImage was fixed. (bsc#1052253) * CVE-2017-11534: A memory leak in the lite_font_map() in coders/wmf.c was fixed. (bsc#1050135) * CVE-2017-13133: A memory exhaustion in load_level function in coders/xcf.c was fixed. (bsc#1055219) * CVE-2017-13139: A out-of-bounds read in the ReadOneMNGImage was fixed. (bsc#1055430)

This update also reverts an incorrect fix for CVE-2016-7530 [bsc#1054924].
Family:unixClass:patch
Status:Reference(s):1021578
1026978
1026979
1026980
1026981
1026982
1026983
1026984
1026985
1026986
1026987
1026988
1037559
1049379
1050135
1052249
1052253
1052545
1054924
1055219
1055430
1061873
1069496
1069702
1070805
1076957
1079869
1083125
1085447
1090368
1090646
1090869
1091427
1092548
1094325
1094725
1100112
1111622
1111634
1111635
1112142
1112143
1112144
1112146
1112147
1112148
1112152
1112153
1122292
1122293
1122299
1122668
1128158
1131291
1154212
1158442
1167890
1168930
949399
959329
CVE-2014-2977
CVE-2014-2978
CVE-2015-7747
CVE-2016-10708
CVE-2016-7530
CVE-2017-1000405
CVE-2017-11446
CVE-2017-11534
CVE-2017-12428
CVE-2017-12431
CVE-2017-12433
CVE-2017-13133
CVE-2017-13139
CVE-2017-13166
CVE-2017-15033
CVE-2017-16939
CVE-2017-5715
CVE-2017-6827
CVE-2017-6828
CVE-2017-6829
CVE-2017-6830
CVE-2017-6831
CVE-2017-6832
CVE-2017-6833
CVE-2017-6834
CVE-2017-6835
CVE-2017-6836
CVE-2017-6837
CVE-2017-6838
CVE-2017-6839
CVE-2017-8779
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-1087
CVE-2018-11212
CVE-2018-13785
CVE-2018-16435
CVE-2018-18074
CVE-2018-1890
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3183
CVE-2018-3214
CVE-2018-5150
CVE-2018-5154
CVE-2018-5155
CVE-2018-5157
CVE-2018-5158
CVE-2018-5159
CVE-2018-5168
CVE-2018-5174
CVE-2018-5178
CVE-2018-5183
CVE-2018-8781
CVE-2018-8897
CVE-2019-17631
CVE-2019-2422
CVE-2019-2449
CVE-2019-2933
CVE-2019-2945
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2975
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2996
CVE-2019-2999
CVE-2020-5260
SUSE-SU-2017:0940-1
SUSE-SU-2017:1314-1
SUSE-SU-2017:2949-1
SUSE-SU-2017:3226-1
SUSE-SU-2018:1334-1
SUSE-SU-2018:1518-1
SUSE-SU-2018:2530-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:0057-1
SUSE-SU-2019:1136-1
SUSE-SU-2020:0024-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gegl-0_3-0.3.34-lp150.1 is installed
  • OR gegl-0_3-lang-0.3.34-lp150.1 is installed
  • OR libgegl-0_3-0-0.3.34-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • tomcat-9.0.21-lp151.3.3 is installed
  • OR tomcat-admin-webapps-9.0.21-lp151.3.3 is installed
  • OR tomcat-docs-webapp-9.0.21-lp151.3.3 is installed
  • OR tomcat-el-3_0-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-embed-9.0.21-lp151.3.3 is installed
  • OR tomcat-javadoc-9.0.21-lp151.3.3 is installed
  • OR tomcat-jsp-2_3-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-jsvc-9.0.21-lp151.3.3 is installed
  • OR tomcat-lib-9.0.21-lp151.3.3 is installed
  • OR tomcat-servlet-4_0-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-webapps-9.0.21-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.12 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.12 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.52 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.52 is installed
  • OR openssl-1.0.2j-60.52 is installed
  • OR openssl-doc-1.0.2j-60.52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libvirt-2.0.0-27.45 is installed
  • OR libvirt-client-2.0.0-27.45 is installed
  • OR libvirt-daemon-2.0.0-27.45 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.45 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.45 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.45 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.45 is installed
  • OR libvirt-daemon-xen-2.0.0-27.45 is installed
  • OR libvirt-doc-2.0.0-27.45 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.45 is installed
  • OR libvirt-nss-2.0.0-27.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_53-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_16-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.242-27.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libgnomesu-2.0.0-353.6 is installed
  • OR libgnomesu-lang-2.0.0-353.6 is installed
  • OR libgnomesu0-2.0.0-353.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.17-28.42 is installed
  • OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed
  • OR python-2.7.17-28.42 is installed
  • OR python-32bit-2.7.17-28.42 is installed
  • OR python-base-2.7.17-28.42 is installed
  • OR python-base-32bit-2.7.17-28.42 is installed
  • OR python-curses-2.7.17-28.42 is installed
  • OR python-demo-2.7.17-28.42 is installed
  • OR python-devel-2.7.17-28.42 is installed
  • OR python-doc-2.7.17-28.42 is installed
  • OR python-doc-pdf-2.7.17-28.42 is installed
  • OR python-gdbm-2.7.17-28.42 is installed
  • OR python-idle-2.7.17-28.42 is installed
  • OR python-rpm-macros-20200207.5feb6c1-3.19 is installed
  • OR python-tk-2.7.17-28.42 is installed
  • OR python-xml-2.7.17-28.42 is installed
  • OR shared-python-startup-0.1-1.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.124 is installed
  • OR kernel-default-base-4.4.180-94.124 is installed
  • OR kernel-default-devel-4.4.180-94.124 is installed
  • OR kernel-default-kgraft-4.4.180-94.124 is installed
  • OR kernel-devel-4.4.180-94.124 is installed
  • OR kernel-macros-4.4.180-94.124 is installed
  • OR kernel-source-4.4.180-94.124 is installed
  • OR kernel-syms-4.4.180-94.124 is installed
  • OR kgraft-patch-4_4_180-94_124-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_33-1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND nodejs6-6.17.1-11.37 is installed
    • BACK