Oval Definition:oval:org.opensuse.security:def:59496
Revision Date:2021-01-22Version:1
Title:Security update for ImageMagick (Important)
Description:

This update for ImageMagick fixes the following issues:

- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed an division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362).
Family:unixClass:patch
Status:Reference(s):1062645
1068664
1068689
1069496
1069702
1070805
1102682
1103098
1113160
1133037
1134195
1137443
1138822
1141619
1141661
1141670
1142038
1143913
1148177
1153090
1153277
1154940
1154968
1155372
1158328
1159208
1159623
1159819
1163871
1163933
1165921
1167231
1168310
1168669
1169746
1170231
1170557
1170908
1171687
1171978
1172462
1173022
1173576
1173613
1179103
1179202
1179208
1179212
1179223
1179240
1179244
1179260
1179268
1179269
1179278
1179281
1179285
1179311
1179312
1179313
1179315
1179317
1179321
1179322
1179327
1179333
1179336
1179338
1179339
1179343
1179345
1179346
1179347
1179361
1179362
1179397
CVE-2009-3700
CVE-2009-3826
CVE-2011-0020
CVE-2011-0064
CVE-2012-0876
CVE-2015-8936
CVE-2015-9542
CVE-2016-0718
CVE-2016-4472
CVE-2016-9063
CVE-2017-1000158
CVE-2017-1000405
CVE-2017-15191
CVE-2017-15192
CVE-2017-15193
CVE-2017-16852
CVE-2017-16939
CVE-2017-6507
CVE-2017-9233
CVE-2018-5390
CVE-2018-5391
CVE-2019-1010006
CVE-2019-10215
CVE-2019-11459
CVE-2019-11745
CVE-2019-12735
CVE-2019-13722
CVE-2019-15043
CVE-2019-17005
CVE-2019-17006
CVE-2019-17008
CVE-2019-17009
CVE-2019-17010
CVE-2019-17011
CVE-2019-17012
CVE-2020-12245
CVE-2020-12399
CVE-2020-12402
CVE-2020-12402
CVE-2020-12415
CVE-2020-12416
CVE-2020-12417
CVE-2020-12418
CVE-2020-12419
CVE-2020-12420
CVE-2020-12421
CVE-2020-12422
CVE-2020-12423
CVE-2020-12424
CVE-2020-12425
CVE-2020-12426
CVE-2020-13379
CVE-2020-19667
CVE-2020-25664
CVE-2020-25665
CVE-2020-25666
CVE-2020-25674
CVE-2020-25675
CVE-2020-25676
CVE-2020-27750
CVE-2020-27751
CVE-2020-27752
CVE-2020-27753
CVE-2020-27754
CVE-2020-27755
CVE-2020-27757
CVE-2020-27759
CVE-2020-27760
CVE-2020-27761
CVE-2020-27762
CVE-2020-27763
CVE-2020-27764
CVE-2020-27765
CVE-2020-27766
CVE-2020-27767
CVE-2020-27768
CVE-2020-27769
CVE-2020-27770
CVE-2020-27771
CVE-2020-27772
CVE-2020-27773
CVE-2020-27774
CVE-2020-27775
CVE-2020-27776
SUSE-SU-2017:2860-1
SUSE-SU-2017:3215-1
SUSE-SU-2017:3225-1
SUSE-SU-2019:1456-1
SUSE-SU-2019:2080-1
SUSE-SU-2019:3347-1
SUSE-SU-2020:0497-1
SUSE-SU-2020:1117-1
SUSE-SU-2020:1839-1
SUSE-SU-2020:1899-1
SUSE-SU-2020:1970-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libXxf86vm1-1.1.4-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • kernel-firmware-20190618-lp151.2.6 is installed
  • OR ucode-amd-20190618-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • gvim-7.4.326-17.3 is installed
  • OR vim-7.4.326-17.3 is installed
  • OR vim-data-7.4.326-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache2-mod_apparmor-2.8.2-49 is installed
  • OR apparmor-docs-2.8.2-49 is installed
  • OR apparmor-parser-2.8.2-49 is installed
  • OR apparmor-profiles-2.8.2-49 is installed
  • OR apparmor-utils-2.8.2-49 is installed
  • OR libapparmor1-2.8.2-49 is installed
  • OR libapparmor1-32bit-2.8.2-49 is installed
  • OR pam_apparmor-2.8.2-49 is installed
  • OR pam_apparmor-32bit-2.8.2-49 is installed
  • OR perl-apparmor-2.8.2-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libQtWebKit4-4.8.7+2.3.4-4.7 is installed
  • OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
  • OR libqca2-2.0.3-17.7 is installed
  • OR libqca2-32bit-2.0.3-17.7 is installed
  • OR libqt4-4.8.7-8.8 is installed
  • OR libqt4-32bit-4.8.7-8.8 is installed
  • OR libqt4-devel-doc-4.8.7-8.8 is installed
  • OR libqt4-qt3support-4.8.7-8.8 is installed
  • OR libqt4-qt3support-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-4.8.7-8.8 is installed
  • OR libqt4-sql-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-mysql-4.8.7-8.8 is installed
  • OR libqt4-sql-plugins-4.8.7-8.8 is installed
  • OR libqt4-sql-sqlite-4.8.7-8.8 is installed
  • OR libqt4-x11-4.8.7-8.8 is installed
  • OR libqt4-x11-32bit-4.8.7-8.8 is installed
  • OR qt4-x11-tools-4.8.7-8.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR alsa-docs-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • ImageMagick-config-6-SUSE-6.8.8.1-71.154.1 is installed
  • OR ImageMagick-config-6-upstream-6.8.8.1-71.154.1 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.154.1 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.154.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-112.3 is installed
  • OR MozillaFirefox-branding-SLE-78-35.3 is installed
  • OR MozillaFirefox-devel-78.0.1-112.3 is installed
  • OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • MozillaFirefox-78.1.0-112.8 is installed
  • OR MozillaFirefox-devel-78.1.0-112.8 is installed
  • OR MozillaFirefox-translations-common-78.1.0-112.8 is installed
    • BACK