Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
Security issue fixed:
- CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage() (bsc#1159861).
- CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage() (bsc#1160369).
Non-security issue fixed:
- Fixed an issue where converting tiff to png would lead to unviewable files (bsc#1161194).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15
ImageMagick-7.0.7.34-3.79.1
ImageMagick-config-7-SUSE-7.0.7.34-3.79.1
ImageMagick-config-7-upstream-7.0.7.34-3.79.1
ImageMagick-devel-7.0.7.34-3.79.1
libMagick++-7_Q16HDRI4-7.0.7.34-3.79.1
libMagick++-devel-7.0.7.34-3.79.1
libMagickCore-7_Q16HDRI6-7.0.7.34-3.79.1
libMagickWand-7_Q16HDRI6-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
ImageMagick-7.0.7.34-3.79.1
ImageMagick-config-7-SUSE-7.0.7.34-3.79.1
ImageMagick-devel-7.0.7.34-3.79.1
libMagick++-7_Q16HDRI4-7.0.7.34-3.79.1
libMagick++-devel-7.0.7.34-3.79.1
libMagickCore-7_Q16HDRI6-7.0.7.34-3.79.1
libMagickWand-7_Q16HDRI6-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Development Tools 15
perl-PerlMagick-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Development Tools 15 SP1
perl-PerlMagick-7.0.7.34-3.79.1
Ссылки
- Link for SUSE-SU-2020:0275-1
- E-Mail link for SUSE-SU-2020:0275-1
- SUSE Security Ratings
- SUSE Bug 1159861
- SUSE Bug 1160369
- SUSE Bug 1161194
- SUSE CVE CVE-2019-19948 page
- SUSE CVE CVE-2019-19949 page
Описание
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:ImageMagick-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:ImageMagick-config-7-SUSE-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:ImageMagick-devel-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libMagick++-7_Q16HDRI4-7.0.7.34-3.79.1
Ссылки
- CVE-2019-19948
- SUSE Bug 1159861
Описание
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:ImageMagick-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:ImageMagick-config-7-SUSE-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:ImageMagick-devel-7.0.7.34-3.79.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libMagick++-7_Q16HDRI4-7.0.7.34-3.79.1
Ссылки
- CVE-2019-19949
- SUSE Bug 1160369