Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:2263-1

Опубликовано: 05 июл. 2022
Источник: suse-cvrf

Описание

Security update for ImageMagick

This update for ImageMagick fixes the following issues:

  • CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. (bsc#1153866)
  • CVE-2022-32545: Fixed an outside the range of representable values of type. (bsc#1200388)
  • CVE-2022-32546: Fixed an outside the range of representable values of type. (bsc#1200389)
  • CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c. (bsc#1200387)

Список пакетов

SUSE Linux Enterprise Server 12 SP5
ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
ImageMagick-config-6-upstream-6.8.8.1-71.177.1
libMagickCore-6_Q16-1-6.8.8.1-71.177.1
libMagickWand-6_Q16-1-6.8.8.1-71.177.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
ImageMagick-config-6-upstream-6.8.8.1-71.177.1
libMagickCore-6_Q16-1-6.8.8.1-71.177.1
libMagickWand-6_Q16-1-6.8.8.1-71.177.1
SUSE Linux Enterprise Software Development Kit 12 SP5
ImageMagick-6.8.8.1-71.177.1
ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
ImageMagick-config-6-upstream-6.8.8.1-71.177.1
ImageMagick-devel-6.8.8.1-71.177.1
libMagick++-6_Q16-3-6.8.8.1-71.177.1
libMagick++-devel-6.8.8.1-71.177.1
perl-PerlMagick-6.8.8.1-71.177.1
SUSE Linux Enterprise Workstation Extension 12 SP5
ImageMagick-6.8.8.1-71.177.1
libMagick++-6_Q16-3-6.8.8.1-71.177.1
libMagickCore-6_Q16-1-32bit-6.8.8.1-71.177.1

Ссылки

Описание

ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.177.1
Ссылки

Описание

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.177.1
Ссылки

Описание

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.177.1
Ссылки

Описание

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-SUSE-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:ImageMagick-config-6-upstream-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickCore-6_Q16-1-6.8.8.1-71.177.1
SUSE Linux Enterprise Server 12 SP5:libMagickWand-6_Q16-1-6.8.8.1-71.177.1
Ссылки