SUSE-SU-2021:3996-1

Опубликовано: 10 дек. 2021

Источник: suse-cvrf

Описание

Security update for ImageMagick

This update for ImageMagick fixes the following issues:

CVE-2021-20176: Fixed division by zero caused by processing crafted file (bsc#1181836).

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP2

ImageMagick-7.0.7.34-10.18.1

ImageMagick-config-7-SUSE-7.0.7.34-10.18.1

ImageMagick-config-7-upstream-7.0.7.34-10.18.1

ImageMagick-devel-7.0.7.34-10.18.1

libMagick++-7_Q16HDRI4-7.0.7.34-10.18.1

libMagick++-devel-7.0.7.34-10.18.1

libMagickCore-7_Q16HDRI6-7.0.7.34-10.18.1

libMagickWand-7_Q16HDRI6-7.0.7.34-10.18.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP3

ImageMagick-7.0.7.34-10.18.1

ImageMagick-config-7-SUSE-7.0.7.34-10.18.1

ImageMagick-config-7-upstream-7.0.7.34-10.18.1

ImageMagick-devel-7.0.7.34-10.18.1

libMagick++-7_Q16HDRI4-7.0.7.34-10.18.1

libMagick++-devel-7.0.7.34-10.18.1

libMagickCore-7_Q16HDRI6-7.0.7.34-10.18.1

libMagickWand-7_Q16HDRI6-7.0.7.34-10.18.1

SUSE Linux Enterprise Module for Development Tools 15 SP2

perl-PerlMagick-7.0.7.34-10.18.1

SUSE Linux Enterprise Module for Development Tools 15 SP3

perl-PerlMagick-7.0.7.34-10.18.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20213996-1/
Link for SUSE-SU-2021:3996-1
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009880.html
E-Mail link for SUSE-SU-2021:3996-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1181836
SUSE Bug 1181836
https://www.suse.com/security/cve/CVE-2021-20176/
SUSE CVE CVE-2021-20176 page

Описание

A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP2:ImageMagick-7.0.7.34-10.18.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP2:ImageMagick-config-7-SUSE-7.0.7.34-10.18.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP2:ImageMagick-config-7-upstream-7.0.7.34-10.18.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP2:ImageMagick-devel-7.0.7.34-10.18.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-20176.html
CVE-2021-20176
https://bugzilla.suse.com/1181836
SUSE Bug 1181836
https://bugzilla.suse.com/1182326
SUSE Bug 1182326

SUSE-SU-2021:3996-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP2

SUSE Linux Enterprise Module for Desktop Applications 15 SP3

SUSE Linux Enterprise Module for Development Tools 15 SP2

SUSE Linux Enterprise Module for Development Tools 15 SP3

Ссылки

Уязвимость: CVE-2021-20176

Описание

Затронутые продукты

Ссылки