Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2022-32545: Fixed an outside the range of representable values of type. (bsc#1200388)
- CVE-2022-32546: Fixed an outside the range of representable values of type. (bsc#1200389)
- CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c. (bsc#1200387)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
SUSE Linux Enterprise Module for Development Tools 15 SP4
openSUSE Leap 15.4
Ссылки
- Link for SUSE-SU-2022:2301-1
- E-Mail link for SUSE-SU-2022:2301-1
- SUSE Security Ratings
- SUSE Bug 1200387
- SUSE Bug 1200388
- SUSE Bug 1200389
- SUSE CVE CVE-2022-32545 page
- SUSE CVE CVE-2022-32546 page
- SUSE CVE CVE-2022-32547 page
Описание
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
Затронутые продукты
Ссылки
- CVE-2022-32545
- SUSE Bug 1200388
Описание
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
Затронутые продукты
Ссылки
- CVE-2022-32546
- SUSE Bug 1200389
- SUSE Bug 1211791
Описание
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
Затронутые продукты
Ссылки
- CVE-2022-32547
- SUSE Bug 1200387