Oval Definition:oval:org.opensuse.security:def:61078
Revision Date:2021-01-22Version:1
Title:Security update for ImageMagick (Important)
Description:

This update for ImageMagick fixes the following issues:

- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103). - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed an division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362).
Family:unixClass:patch
Status:Reference(s):1012382
1013708
1013712
1013893
1015171
1015173
1042948
1044189
1044970
1049373
1051412
1052252
1052771
1054094
1056088
1056090
1056093
1056095
1056097
1056101
1056105
1057357
1058082
1061310
1063026
1066223
1072902
1074122
1074425
1074610
1082060
1082290
1082484
1082863
1082979
1084427
1084536
1087209
1088087
1090535
1091815
1094244
1094555
1094562
1095344
1095753
1096547
1099810
1102495
1102715
1102870
1102875
1102877
1102879
1102882
1102896
1103156
1103269
1106095
1106434
1106512
1106594
1106934
1107924
1108096
1108170
1108240
1108399
1108803
1108823
1109333
1109336
1109337
1109441
1110297
1110337
1138743
1144903
1146569
1146571
1146572
1146702
1153108
1153158
1153161
1154849
1156146
1156323
1156324
1156326
1156328
1156329
1162687
1162689
1162691
1168630
1171477
1171930
1173377
1173378
1173380
1174253
1174543
1174922
1174923
1176409
1176412
1179103
1179202
1179208
1179212
1179223
1179240
1179244
1179260
1179268
1179269
1179278
1179281
1179285
1179311
1179312
1179313
1179315
1179317
1179321
1179322
1179327
1179333
1179336
1179338
1179339
1179343
1179345
1179346
1179347
1179361
1179362
1179397
CVE-2016-9797
CVE-2016-9798
CVE-2016-9802
CVE-2016-9917
CVE-2016-9918
CVE-2017-1000445
CVE-2017-1000476
CVE-2017-11449
CVE-2017-11751
CVE-2017-12430
CVE-2017-12642
CVE-2017-13738
CVE-2017-13739
CVE-2017-13740
CVE-2017-13741
CVE-2017-13743
CVE-2017-13744
CVE-2017-14249
CVE-2017-14970
CVE-2017-17680
CVE-2017-17882
CVE-2017-9409
CVE-2018-14613
CVE-2018-14617
CVE-2018-16276
CVE-2018-16597
CVE-2018-17182
CVE-2018-7409
CVE-2018-7480
CVE-2018-7485
CVE-2018-7757
CVE-2019-10220
CVE-2019-12523
CVE-2019-12526
CVE-2019-12528
CVE-2019-14818
CVE-2019-14834
CVE-2019-15142
CVE-2019-15143
CVE-2019-15144
CVE-2019-15145
CVE-2019-17133
CVE-2019-18676
CVE-2019-18677
CVE-2019-18678
CVE-2019-18679
CVE-2020-10722
CVE-2020-12673
CVE-2020-12674
CVE-2020-14392
CVE-2020-14393
CVE-2020-15563
CVE-2020-15565
CVE-2020-15567
CVE-2020-15803
CVE-2020-19667
CVE-2020-25664
CVE-2020-25665
CVE-2020-25666
CVE-2020-25674
CVE-2020-25675
CVE-2020-25676
CVE-2020-27750
CVE-2020-27751
CVE-2020-27752
CVE-2020-27753
CVE-2020-27754
CVE-2020-27755
CVE-2020-27757
CVE-2020-27759
CVE-2020-27760
CVE-2020-27761
CVE-2020-27762
CVE-2020-27763
CVE-2020-27764
CVE-2020-27765
CVE-2020-27766
CVE-2020-27767
CVE-2020-27768
CVE-2020-27769
CVE-2020-27770
CVE-2020-27771
CVE-2020-27772
CVE-2020-27773
CVE-2020-27774
CVE-2020-27775
CVE-2020-27776
CVE-2020-6819
CVE-2020-6820
CVE-2020-8449
CVE-2020-8450
CVE-2020-8517
SUSE-SU-2017:2570-1
SUSE-SU-2017:3232-1
SUSE-SU-2018:0055-1
SUSE-SU-2018:1832-1
SUSE-SU-2018:3003-1
SUSE-SU-2019:1339-1
SUSE-SU-2020:0419-1
SUSE-SU-2020:0928-1
SUSE-SU-2020:2194-1
SUSE-SU-2020:2661-1
SUSE-SU-2021:0199-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-branding-upstream-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-buildsymbols-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-devel-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-translations-common-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-translations-other-60.7.2-lp151.2.7 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • apache2-mod_php7-7.4.6-lp152.2.6 is installed
  • OR php7-7.4.6-lp152.2.6 is installed
  • OR php7-bcmath-7.4.6-lp152.2.6 is installed
  • OR php7-bz2-7.4.6-lp152.2.6 is installed
  • OR php7-calendar-7.4.6-lp152.2.6 is installed
  • OR php7-ctype-7.4.6-lp152.2.6 is installed
  • OR php7-curl-7.4.6-lp152.2.6 is installed
  • OR php7-dba-7.4.6-lp152.2.6 is installed
  • OR php7-devel-7.4.6-lp152.2.6 is installed
  • OR php7-dom-7.4.6-lp152.2.6 is installed
  • OR php7-embed-7.4.6-lp152.2.6 is installed
  • OR php7-enchant-7.4.6-lp152.2.6 is installed
  • OR php7-exif-7.4.6-lp152.2.6 is installed
  • OR php7-fastcgi-7.4.6-lp152.2.6 is installed
  • OR php7-fileinfo-7.4.6-lp152.2.6 is installed
  • OR php7-firebird-7.4.6-lp152.2.6 is installed
  • OR php7-fpm-7.4.6-lp152.2.6 is installed
  • OR php7-ftp-7.4.6-lp152.2.6 is installed
  • OR php7-gd-7.4.6-lp152.2.6 is installed
  • OR php7-gettext-7.4.6-lp152.2.6 is installed
  • OR php7-gmp-7.4.6-lp152.2.6 is installed
  • OR php7-iconv-7.4.6-lp152.2.6 is installed
  • OR php7-intl-7.4.6-lp152.2.6 is installed
  • OR php7-json-7.4.6-lp152.2.6 is installed
  • OR php7-ldap-7.4.6-lp152.2.6 is installed
  • OR php7-mbstring-7.4.6-lp152.2.6 is installed
  • OR php7-mysql-7.4.6-lp152.2.6 is installed
  • OR php7-odbc-7.4.6-lp152.2.6 is installed
  • OR php7-opcache-7.4.6-lp152.2.6 is installed
  • OR php7-openssl-7.4.6-lp152.2.6 is installed
  • OR php7-pcntl-7.4.6-lp152.2.6 is installed
  • OR php7-pdo-7.4.6-lp152.2.6 is installed
  • OR php7-pgsql-7.4.6-lp152.2.6 is installed
  • OR php7-phar-7.4.6-lp152.2.6 is installed
  • OR php7-posix-7.4.6-lp152.2.6 is installed
  • OR php7-readline-7.4.6-lp152.2.6 is installed
  • OR php7-shmop-7.4.6-lp152.2.6 is installed
  • OR php7-snmp-7.4.6-lp152.2.6 is installed
  • OR php7-soap-7.4.6-lp152.2.6 is installed
  • OR php7-sockets-7.4.6-lp152.2.6 is installed
  • OR php7-sodium-7.4.6-lp152.2.6 is installed
  • OR php7-sqlite-7.4.6-lp152.2.6 is installed
  • OR php7-sysvmsg-7.4.6-lp152.2.6 is installed
  • OR php7-sysvsem-7.4.6-lp152.2.6 is installed
  • OR php7-sysvshm-7.4.6-lp152.2.6 is installed
  • OR php7-test-7.4.6-lp152.2.6 is installed
  • OR php7-tidy-7.4.6-lp152.2.6 is installed
  • OR php7-tokenizer-7.4.6-lp152.2.6 is installed
  • OR php7-xmlreader-7.4.6-lp152.2.6 is installed
  • OR php7-xmlrpc-7.4.6-lp152.2.6 is installed
  • OR php7-xmlwriter-7.4.6-lp152.2.6 is installed
  • OR php7-xsl-7.4.6-lp152.2.6 is installed
  • OR php7-zip-7.4.6-lp152.2.6 is installed
  • OR php7-zlib-7.4.6-lp152.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP5 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.154.1 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-71.154.1 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.154.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • liblouis-2.6.4-6.3 is installed
  • OR liblouis-data-2.6.4-6.3 is installed
  • OR liblouis9-2.6.4-6.3 is installed
  • OR python-louis-2.6.4-6.3 is installed
  • OR python3-louis-2.6.4-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • dpdk-16.11.9-8.15 is installed
  • OR dpdk-kmp-default-16.11.9_k4.4.180_94.127-8.15 is installed
  • OR dpdk-tools-16.11.9-8.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND perl-DBI-1.628-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • djvulibre-3.5.25.3-5.3 is installed
  • OR libdjvulibre21-3.5.25.3-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • fontconfig-2.11.1-7 is installed
  • OR fontconfig-32bit-2.11.1-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libX11-1.6.2-12.12 is installed
  • OR libX11-6-1.6.2-12.12 is installed
  • OR libX11-6-32bit-1.6.2-12.12 is installed
  • OR libX11-data-1.6.2-12.12 is installed
  • OR libX11-xcb1-1.6.2-12.12 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libxerces-c-3_1-3.1.1-13.3 is installed
  • OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed
  • OR xerces-c-3.1.1-13.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • dovecot22-2.2.31-19.22 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.22 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.22 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • dnsmasq-2.78-18.12 is installed
  • OR dnsmasq-utils-2.78-18.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
    • BACK