Oval Definition:oval:org.opensuse.security:def:74282
Revision Date:2021-01-15Version:1
Title:Security update for ImageMagick (Moderate)
Description:

This update for ImageMagick fixes the following issues:

- CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202). - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208). - CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212). - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223). - CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240). - CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244). - CVE-2020-27750: Fixed a division by zero in MagickCore/colorspace-private.h (bsc#1179260). - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346). - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397). - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345). - CVE-2020-27756: Fixed a division by zero at MagickCore/geometry.c (bsc#1179221). - CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268). - CVE-2020-27758: Fixed an outside the range of representable values of type 'unsigned long long' (bsc#1179276). - CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313). - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281). - CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315). - CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278). - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312). - CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317). - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311). - CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361). - CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322). - CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339). - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343). - CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327). - CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347). - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285). - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333). - CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338). - CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362). - CVE-2020-29599: Fixed a shell command injection in -authenticate (bsc#1179753).
Family:unixClass:patch
Status:Reference(s):1133291
1135715
1145095
1146360
1151793
1179202
1179208
1179212
1179221
1179223
1179240
1179244
1179260
1179268
1179269
1179276
1179278
1179281
1179285
1179311
1179312
1179313
1179315
1179317
1179321
1179322
1179327
1179333
1179336
1179338
1179339
1179343
1179345
1179346
1179347
1179361
1179362
1179397
1179753
CVE-2019-11041
CVE-2019-11042
CVE-2019-6237
CVE-2019-8571
CVE-2019-8583
CVE-2019-8584
CVE-2019-8586
CVE-2019-8587
CVE-2019-8594
CVE-2019-8595
CVE-2019-8596
CVE-2019-8597
CVE-2019-8601
CVE-2019-8607
CVE-2019-8608
CVE-2019-8609
CVE-2019-8610
CVE-2019-8611
CVE-2019-8615
CVE-2019-8619
CVE-2019-8622
CVE-2019-8623
CVE-2020-25664
CVE-2020-25665
CVE-2020-25666
CVE-2020-25674
CVE-2020-25675
CVE-2020-25676
CVE-2020-27750
CVE-2020-27751
CVE-2020-27752
CVE-2020-27753
CVE-2020-27754
CVE-2020-27755
CVE-2020-27756
CVE-2020-27757
CVE-2020-27758
CVE-2020-27759
CVE-2020-27760
CVE-2020-27761
CVE-2020-27762
CVE-2020-27763
CVE-2020-27764
CVE-2020-27765
CVE-2020-27766
CVE-2020-27767
CVE-2020-27768
CVE-2020-27769
CVE-2020-27770
CVE-2020-27771
CVE-2020-27772
CVE-2020-27773
CVE-2020-27774
CVE-2020-27775
CVE-2020-27776
CVE-2020-29599
openSUSE-SU-2019:1766-1
SUSE-SU-2021:0153-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.2-lp151.2.3 is installed
  • OR libjavascriptcoregtk-4_0-18-32bit-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk-4_0-37-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk-4_0-37-32bit-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk3-lang-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.24.2-lp151.2.3 is installed
  • OR webkit-jsc-4-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-devel-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-minibrowser-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-plugin-process-gtk2-2.24.2-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-10.9.1 is installed
  • OR ImageMagick-config-7-SUSE-7.0.7.34-10.9.1 is installed
  • OR ImageMagick-config-7-upstream-7.0.7.34-10.9.1 is installed
  • OR ImageMagick-devel-7.0.7.34-10.9.1 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-10.9.1 is installed
  • OR libMagick++-devel-7.0.7.34-10.9.1 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-10.9.1 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-10.9.1 is installed
  • BACK