OVAL Reference oval:org.opensuse.security:def:60290

Oval Definition:

oval:org.opensuse.security:def:60290

Revision Date:	2021-01-22	Version:	1
Title:	Security update for ImageMagick (Important)
Description:	This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed an division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362).
Family:	unix	Class:	patch
Status:		Reference(s):	1065729 1099310 1102840 1104129 1104812 1106061 1106998 1106999 1107033 1107034 1107037 1107038 1107039 1107097 1107107 1108318 1123161 1125674 1126068 1126069 1127034 1128977 1130972 1133185 1133860 1134399 1135335 1135365 1137584 1139358 1139826 1140652 1140903 1140945 1141181 1141401 1141402 1141452 1141453 1141454 1142023 1142254 1142857 1143045 1143048 1143189 1143191 1143333 1144257 1144273 1144288 1144920 1145920 1145922 1146351 1149652 1152457 1157888 1158003 1158004 1158005 1158006 1158007 1160039 1161181 1162002 1164910 1167152 1168140 1168142 1169392 1170011 1170601 1170603 1170618 1171078 1171189 1171191 1171220 1171732 1171863 1171864 1171866 1171988 1172205 1172453 1172458 1172775 1172999 1173280 1173658 1174115 1174415 1174462 1174543 1176756 1177872 1179103 1179202 1179208 1179212 1179223 1179240 1179244 1179260 1179268 1179269 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321 1179322 1179327 1179333 1179336 1179338 1179339 1179343 1179345 1179346 1179347 1179361 1179362 1179397 CVE-2008-0928 CVE-2008-1945 CVE-2008-2382 CVE-2008-4539 CVE-2012-3515 CVE-2013-2001 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-6399 CVE-2013-7447 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3566 CVE-2014-3640 CVE-2014-4975 CVE-2014-7840 CVE-2014-8080 CVE-2014-8090 CVE-2014-8106 CVE-2014-9087 CVE-2015-1779 CVE-2015-1855 CVE-2015-3209 CVE-2015-3456 CVE-2015-3900 CVE-2015-4037 CVE-2015-5154 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-7551 CVE-2015-8345 CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-10028 CVE-2016-10155 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-2339 CVE-2016-3710 CVE-2016-3712 CVE-2016-4002 CVE-2016-4020 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4574 CVE-2016-4579 CVE-2016-4952 CVE-2016-4964 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6252 CVE-2016-6351 CVE-2016-6490 CVE-2016-6833 CVE-2016-6836 CVE-2016-6855 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7156 CVE-2016-7157 CVE-2016-7161 CVE-2016-7170 CVE-2016-7421 CVE-2016-7422 CVE-2016-7423 CVE-2016-7466 CVE-2016-7907 CVE-2016-7908 CVE-2016-7909 CVE-2016-7994 CVE-2016-7995 CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8667 CVE-2016-8668 CVE-2016-8669 CVE-2016-8909 CVE-2016-8910 CVE-2016-9101 CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106 CVE-2016-9381 CVE-2016-9602 CVE-2016-9776 CVE-2016-9811 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922 CVE-2016-9923 CVE-2017-2615 CVE-2017-2620 CVE-2017-2630 CVE-2017-2633 CVE-2017-5525 CVE-2017-5526 CVE-2017-5552 CVE-2017-5578 CVE-2017-5579 CVE-2017-5667 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 CVE-2017-5856 CVE-2017-5857 CVE-2017-5898 CVE-2017-5931 CVE-2017-5973 CVE-2017-5987 CVE-2017-6058 CVE-2017-6505 CVE-2017-7471 CVE-2017-7493 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9503 CVE-2017-9524 CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420 CVE-2018-16422 CVE-2018-16423 CVE-2018-16426 CVE-2018-16427 CVE-2018-20855 CVE-2018-20856 CVE-2018-5740 CVE-2018-5743 CVE-2018-5745 CVE-2019-10207 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-15117 CVE-2019-15118 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19583 CVE-2019-20810 CVE-2019-20812 CVE-2019-3819 CVE-2019-6465 CVE-2020-0305 CVE-2020-0543 CVE-2020-10135 CVE-2020-10543 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10773 CVE-2020-10878 CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-12268 CVE-2020-12723 CVE-2020-12771 CVE-2020-13974 CVE-2020-14416 CVE-2020-15683 CVE-2020-15900 CVE-2020-15969 CVE-2020-19667 CVE-2020-25664 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-27750 CVE-2020-27751 CVE-2020-27752 CVE-2020-27753 CVE-2020-27754 CVE-2020-27755 CVE-2020-27757 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 CVE-2020-7211 SUSE-SU-2018:1997-1 SUSE-SU-2018:3622-1 SUSE-SU-2019:2263-1 SUSE-SU-2020:1212-1 SUSE-SU-2020:1630-1 SUSE-SU-2020:1662-1 SUSE-SU-2020:2097-1 SUSE-SU-2020:2152-1 SUSE-SU-2020:3053-1 SUSE-SU-2021:0199-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information kernel-debug-4.12.14-lp150.12.67 is installed OR kernel-debug-base-4.12.14-lp150.12.67 is installed OR kernel-debug-devel-4.12.14-lp150.12.67 is installed OR kernel-default-4.12.14-lp150.12.67 is installed OR kernel-default-base-4.12.14-lp150.12.67 is installed OR kernel-default-devel-4.12.14-lp150.12.67 is installed OR kernel-devel-4.12.14-lp150.12.67 is installed OR kernel-docs-4.12.14-lp150.12.67 is installed OR kernel-docs-html-4.12.14-lp150.12.67 is installed OR kernel-kvmsmall-4.12.14-lp150.12.67 is installed OR kernel-kvmsmall-base-4.12.14-lp150.12.67 is installed OR kernel-kvmsmall-devel-4.12.14-lp150.12.67 is installed OR kernel-macros-4.12.14-lp150.12.67 is installed OR kernel-obs-build-4.12.14-lp150.12.67 is installed OR kernel-obs-qa-4.12.14-lp150.12.67 is installed OR kernel-source-4.12.14-lp150.12.67 is installed OR kernel-source-vanilla-4.12.14-lp150.12.67 is installed OR kernel-syms-4.12.14-lp150.12.67 is installed OR kernel-vanilla-4.12.14-lp150.12.67 is installed OR kernel-vanilla-base-4.12.14-lp150.12.67 is installed OR kernel-vanilla-devel-4.12.14-lp150.12.67 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND phpMyAdmin-4.9.1-34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information eog-3.20.4-7 is installed OR eog-lang-3.20.4-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.52-23.34 is installed OR ghostscript-x11-9.52-23.34 is installed OR libspectre-0.2.7-12.10 is installed OR libspectre1-0.2.7-12.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND clamav-0.100.3-33.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information xen-4.9.4_04-3.53 is installed OR xen-doc-html-4.9.4_04-3.53 is installed OR xen-libs-4.9.4_04-3.53 is installed OR xen-libs-32bit-4.9.4_04-3.53 is installed OR xen-tools-4.9.4_04-3.53 is installed OR xen-tools-domU-4.9.4_04-3.53 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cpio-2.11-36.3 is installed OR cpio-lang-2.11-36.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information tomcat-9.0.36-3.42 is installed OR tomcat-admin-webapps-9.0.36-3.42 is installed OR tomcat-docs-webapp-9.0.36-3.42 is installed OR tomcat-el-3_0-api-9.0.36-3.42 is installed OR tomcat-javadoc-9.0.36-3.42 is installed OR tomcat-jsp-2_3-api-9.0.36-3.42 is installed OR tomcat-lib-9.0.36-3.42 is installed OR tomcat-servlet-4_0-api-9.0.36-3.42 is installed OR tomcat-webapps-9.0.36-3.42 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND ImageMagick-config-6-SUSE-6.8.8.1-71.154.1 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.154.1 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.154.1 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.154.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND ImageMagick-config-6-SUSE-6.8.8.1-71.154.1 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.154.1 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.154.1 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.154.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information libpython3_4m1_0-3.4.10-25.52 is installed OR python3-3.4.10-25.52 is installed OR python3-base-3.4.10-25.52 is installed OR python3-curses-3.4.10-25.52 is installed OR python3-devel-3.4.10-25.52 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-78.4.0-112.28 is installed OR MozillaFirefox-devel-78.4.0-112.28 is installed OR MozillaFirefox-translations-common-78.4.0-112.28 is installed

BACK