Oval Definition:oval:org.opensuse.security:def:59002
Revision Date:2020-12-01Version:1
Title:Security update for ImageMagick (Moderate)
Description:

This update for ImageMagick fixes several issues.

These security issues were fixed:

- CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in coders/pattern.c (bsc#1074973) - CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in MagickWand/montage.c (bsc#1074975) - CVE-2018-5247: Fixed memory leak vulnerability in ReadRLAImage in coders/rla.c (bsc#1074969) - CVE-2017-12672: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (bsc#1052720) - CVE-2017-13060: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted file (bsc#1055065) - CVE-2017-11724: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c involving the quantum_info and clone_info data structures (bsc#1051446) - CVE-2017-12670: Added validation in coders/mat.c to prevent an assertion failure in the function DestroyImage in MagickCore/image.c, which allowed attackers to cause a denial of service (bsc#1052731) - CVE-2017-12667: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1052732) - CVE-2017-13146: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1055323) - CVE-2017-10800: Processing MATLAB images in coders/mat.c could have lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object was larger than the actual amount of data (bsc#1047044) - CVE-2017-13648: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1055434) - CVE-2017-11141: Fixed a memory leak vulnerability in the function ReadMATImage in coders\mat.c that could have caused memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call (bsc#1047898) - CVE-2017-11529: The ReadMATImage function in coders/mat.c allowed remote attackers to cause a denial of service (memory leak) via a crafted file (bsc#1050120) - CVE-2017-12564: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (bsc#1052468) - CVE-2017-12434: Added a missing NULL check in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c (bsc#1052550) - CVE-2017-12675: Added a missing check for multidimensional data coders/mat.c, that could have lead to a memory leak in the function ReadImage in MagickCore/constitute.c, which allowed attackers to cause a denial of service (bsc#1052710) - CVE-2017-14326: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted file (bsc#1058640) - CVE-2017-11644: Processesing a crafted file in convert could have lead to a memory leak in the ReadMATImage() function in coders/mat.c (bsc#1050606) - CVE-2017-13658: Added a missing NULL check in the ReadMATImage function in coders/mat.c, which could have lead to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c (bsc#1055855) - CVE-2017-14533: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c (bsc#1059751) - CVE-2017-17881: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service via a crafted MAT image file (bsc#1074123)

Family:unixClass:patch
Status:Reference(s):1012382
1027519
1042286
1047044
1047898
1050120
1050606
1051446
1052468
1052550
1052710
1052720
1052731
1052732
1055065
1055323
1055434
1055855
1058640
1059751
1062604
1064232
1065364
1074123
1074969
1074973
1074975
1082519
1082863
1084536
1085042
1088810
1089066
1092903
1094466
1095344
1096547
1097104
1099597
1099811
1099813
1099844
1099845
1099846
1099849
1099863
1099864
1099922
1099993
1099999
1100000
1100001
1100152
1102517
1102715
1102870
1103445
1104319
1104495
1105292
1105296
1105322
1105348
1105396
1105536
1106016
1106095
1106369
1106509
1106511
1106512
1106594
1107689
1107735
1107966
1108239
1108399
1109333
1109663
1109847
1111331
1116380
1124211
1124729
1124734
1128378
1129180
1130680
1131863
1133818
1134156
1136446
1137597
1138459
1140359
1140747
1141493
1144504
1146882
1146884
1149458
1151021
1151839
1153108
1154328
1156321
1157770
1165631
1168630
1171252
1171254
1174955
1177155
CVE-2004-2771
CVE-2014-7844
CVE-2017-10800
CVE-2017-11141
CVE-2017-11529
CVE-2017-11644
CVE-2017-11724
CVE-2017-12434
CVE-2017-12564
CVE-2017-12652
CVE-2017-12667
CVE-2017-12670
CVE-2017-12672
CVE-2017-12675
CVE-2017-13060
CVE-2017-13146
CVE-2017-13648
CVE-2017-13658
CVE-2017-14326
CVE-2017-14533
CVE-2017-17881
CVE-2017-18022
CVE-2018-1000802
CVE-2018-10853
CVE-2018-10876
CVE-2018-10877
CVE-2018-10878
CVE-2018-10879
CVE-2018-10880
CVE-2018-10881
CVE-2018-10882
CVE-2018-10883
CVE-2018-10902
CVE-2018-10938
CVE-2018-10940
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-12896
CVE-2018-13093
CVE-2018-13094
CVE-2018-13095
CVE-2018-14617
CVE-2018-14647
CVE-2018-14678
CVE-2018-15572
CVE-2018-15594
CVE-2018-16276
CVE-2018-16658
CVE-2018-17182
CVE-2018-20815
CVE-2018-5246
CVE-2018-5247
CVE-2018-6554
CVE-2018-6555
CVE-2018-7480
CVE-2018-7757
CVE-2018-9363
CVE-2019-10160
CVE-2019-10220
CVE-2019-11091
CVE-2019-11477
CVE-2019-11478
CVE-2019-12625
CVE-2019-12900
CVE-2019-12973
CVE-2019-13272
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
CVE-2019-14817
CVE-2019-14835
CVE-2019-3693
CVE-2019-3835
CVE-2019-3839
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-7317
CVE-2019-9213
CVE-2020-12653
CVE-2020-12654
CVE-2020-15708
CVE-2020-1749
CVE-2020-25637
CVE-2020-6819
CVE-2020-6820
SUSE-SU-2018:0130-1
SUSE-SU-2018:3084-1
SUSE-SU-2019:1371-1
SUSE-SU-2019:2053-1
SUSE-SU-2019:2478-1
SUSE-SU-2019:3060-2
SUSE-SU-2019:3066-1
SUSE-SU-2019:3076-1
SUSE-SU-2019:3263-1
SUSE-SU-2020:1486-1
SUSE-SU-2020:3143-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND yast2-4.0.74-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • fence-agents-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
  • OR fence-agents-amt_ws-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
  • OR fence-agents-devel-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.26 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.26 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.95 is installed
  • OR kernel-default-base-4.4.121-92.95 is installed
  • OR kernel-default-devel-4.4.121-92.95 is installed
  • OR kernel-devel-4.4.121-92.95 is installed
  • OR kernel-macros-4.4.121-92.95 is installed
  • OR kernel-source-4.4.121-92.95 is installed
  • OR kernel-syms-4.4.121-92.95 is installed
  • OR lttng-modules-2.7.1-9.6 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_98-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_26-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND mailx-12.5-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • python-certifi-2018.4.16-3.6 is installed
  • OR python-chardet-3.0.4-5.6 is installed
  • OR python-urllib3-1.22-3.20 is installed
  • OR python3-certifi-2018.4.16-3.6 is installed
  • OR python3-chardet-3.0.4-5.6 is installed
  • OR python3-requests-2.20.1-5 is installed
  • OR python3-urllib3-1.22-3.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_57-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libXi6-1.7.4-17 is installed
  • OR libXi6-32bit-1.7.4-17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • BACK