Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:2075-1

Опубликовано: 15 авг. 2016
Источник: suse-cvrf

Описание

Security update for ImageMagick

This update for ImageMagick fixes the following issues:

  • security update:
    • CVE-2016-6520: buffer overflow [bsc#991872]
    • CVE-2016-6491: Out-of-bounds read in CopyMagickMemory [bsc#991445]

Список пакетов

SUSE Linux Enterprise Server 11 SP4
libMagickCore1-6.4.3.6-7.48.1
libMagickCore1-32bit-6.4.3.6-7.48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libMagickCore1-6.4.3.6-7.48.1
libMagickCore1-32bit-6.4.3.6-7.48.1
SUSE Linux Enterprise Software Development Kit 11 SP4
ImageMagick-6.4.3.6-7.48.1
ImageMagick-devel-6.4.3.6-7.48.1
libMagick++-devel-6.4.3.6-7.48.1
libMagick++1-6.4.3.6-7.48.1
libMagickWand1-6.4.3.6-7.48.1
libMagickWand1-32bit-6.4.3.6-7.48.1
perl-PerlMagick-6.4.3.6-7.48.1

Ссылки

Описание

Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-7.48.1
SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-7.48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-7.48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-7.48.1
Ссылки

Описание

Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-7.48.1
SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-7.48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-7.48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-7.48.1
Ссылки