Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:2259-1

Опубликовано: 04 июл. 2022
Источник: suse-cvrf

Описание

Security update for ImageMagick

This update for ImageMagick fixes the following issues:

  • CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. (bsc#1153866)
  • CVE-2022-32545: Fixed an outside the range of representable values of type. (bsc#1200388)
  • CVE-2022-32546: Fixed an outside the range of representable values of type. (bsc#1200389)
  • CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c. (bsc#1200387)

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP3
ImageMagick-7.0.7.34-150200.10.31.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.31.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.31.1
ImageMagick-devel-7.0.7.34-150200.10.31.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.31.1
libMagick++-devel-7.0.7.34-150200.10.31.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.31.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Development Tools 15 SP3
perl-PerlMagick-7.0.7.34-150200.10.31.1
openSUSE Leap 15.3
ImageMagick-7.0.7.34-150200.10.31.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.31.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.31.1
ImageMagick-devel-7.0.7.34-150200.10.31.1
ImageMagick-devel-32bit-7.0.7.34-150200.10.31.1
ImageMagick-doc-7.0.7.34-150200.10.31.1
ImageMagick-extra-7.0.7.34-150200.10.31.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.31.1
libMagick++-7_Q16HDRI4-32bit-7.0.7.34-150200.10.31.1
libMagick++-devel-7.0.7.34-150200.10.31.1
libMagick++-devel-32bit-7.0.7.34-150200.10.31.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.31.1
libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-150200.10.31.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.31.1
libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-150200.10.31.1
perl-PerlMagick-7.0.7.34-150200.10.31.1
openSUSE Leap 15.4
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.31.1
libMagick++-7_Q16HDRI4-32bit-7.0.7.34-150200.10.31.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.31.1
libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-150200.10.31.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.31.1
libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-150200.10.31.1

Ссылки

Описание

ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.

Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-SUSE-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-upstream-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-devel-7.0.7.34-150200.10.31.1
Ссылки

Описание

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-SUSE-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-upstream-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-devel-7.0.7.34-150200.10.31.1
Ссылки

Описание

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-SUSE-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-upstream-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-devel-7.0.7.34-150200.10.31.1
Ссылки

Описание

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-SUSE-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-config-7-upstream-7.0.7.34-150200.10.31.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:ImageMagick-devel-7.0.7.34-150200.10.31.1
Ссылки