Oval Definition:oval:org.opensuse.security:def:79119
Revision Date:2017-11-08Version:1
Title:Security update for ImageMagick (Moderate)
Description:





This update for ImageMagick fixes the following issues:

Security issues fixed:

CVE-2017-15033: A denial of service attack (memory leak) was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. (bsc#1049379) * CVE-2017-12433: A memory leak in ReadPESImage in coders/pes.c was fixed. (bsc#1052545) * CVE-2017-12428: A memory leak in ReadWMFImage in coders/wmf.c was fixed. (bsc#1052249) * CVE-2017-12431: A use-after-free in ReadWMFImage was fixed. (bsc#1052253) * CVE-2017-11534: A memory leak in the lite_font_map() in coders/wmf.c was fixed. (bsc#1050135) * CVE-2017-13133: A memory exhaustion in load_level function in coders/xcf.c was fixed. (bsc#1055219) * CVE-2017-13139: A out-of-bounds read in the ReadOneMNGImage was fixed. (bsc#1055430)

This update also reverts an incorrect fix for CVE-2016-7530 [bsc#1054924].
Family:unixClass:patch
Status:Reference(s):1049379
1050135
1052249
1052253
1052545
1054924
1055219
1055430
1061873
CVE-2016-7530
CVE-2017-11446
CVE-2017-11534
CVE-2017-12428
CVE-2017-12431
CVE-2017-12433
CVE-2017-13133
CVE-2017-13139
CVE-2017-15033
SUSE-SU-2017:2949-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.12.1 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-71.12.1 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.12.1 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.12.1 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.12.1 is installed
    • BACK