Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. (bsc#1111069)
- CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072).
- CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746).
Non security issues fixed:
- Fixed -morphology EdgeIn output (bsc#1106254)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15
ImageMagick-7.0.7.34-3.34.3
ImageMagick-devel-7.0.7.34-3.34.3
libMagick++-7_Q16HDRI4-7.0.7.34-3.34.3
libMagick++-devel-7.0.7.34-3.34.3
libMagickCore-7_Q16HDRI6-7.0.7.34-3.34.3
libMagickWand-7_Q16HDRI6-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Development Tools 15
perl-PerlMagick-7.0.7.34-3.34.3
Ссылки
- Link for SUSE-SU-2018:3753-1
- E-Mail link for SUSE-SU-2018:3753-1
- SUSE Security Ratings
- SUSE Bug 1106254
- SUSE Bug 1110746
- SUSE Bug 1111069
- SUSE Bug 1111072
- SUSE CVE CVE-2018-17966 page
- SUSE CVE CVE-2018-18016 page
- SUSE CVE CVE-2018-18024 page
Описание
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15:ImageMagick-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:ImageMagick-devel-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:libMagick++-7_Q16HDRI4-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:libMagick++-devel-7.0.7.34-3.34.3
Ссылки
- CVE-2018-17966
- SUSE Bug 1110746
- SUSE Bug 1117463
Описание
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15:ImageMagick-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:ImageMagick-devel-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:libMagick++-7_Q16HDRI4-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:libMagick++-devel-7.0.7.34-3.34.3
Ссылки
- CVE-2018-18016
- SUSE Bug 1111072
- SUSE Bug 1117463
Описание
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15:ImageMagick-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:ImageMagick-devel-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:libMagick++-7_Q16HDRI4-7.0.7.34-3.34.3
SUSE Linux Enterprise Module for Desktop Applications 15:libMagick++-devel-7.0.7.34-3.34.3
Ссылки
- CVE-2018-18024
- SUSE Bug 1111069
- SUSE Bug 1117463