Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2022-44267: Fixed a denial of service when parsing a PNG image (bsc#1207982).
- CVE-2022-44268: Fixed arbitrary file disclosure when parsing a PNG image (bsc#1207983).
Список пакетов
SUSE Linux Enterprise Server 12 SP2-BCL
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP4-LTSS
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP5
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Software Development Kit 12 SP5
ImageMagick-6.8.8.1-71.183.1
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
ImageMagick-devel-6.8.8.1-71.183.1
libMagick++-6_Q16-3-6.8.8.1-71.183.1
libMagick++-devel-6.8.8.1-71.183.1
perl-PerlMagick-6.8.8.1-71.183.1
SUSE Linux Enterprise Workstation Extension 12 SP5
ImageMagick-6.8.8.1-71.183.1
libMagick++-6_Q16-3-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-32bit-6.8.8.1-71.183.1
SUSE OpenStack Cloud 9
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
SUSE OpenStack Cloud Crowbar 9
ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
ImageMagick-config-6-upstream-6.8.8.1-71.183.1
libMagickCore-6_Q16-1-6.8.8.1-71.183.1
libMagickWand-6_Q16-1-6.8.8.1-71.183.1
Ссылки
- Link for SUSE-SU-2023:0421-1
- E-Mail link for SUSE-SU-2023:0421-1
- SUSE Security Ratings
- SUSE Bug 1207982
- SUSE Bug 1207983
- SUSE CVE CVE-2022-44267 page
- SUSE CVE CVE-2022-44268 page
Описание
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP2-BCL:ImageMagick-config-6-upstream-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP2-BCL:libMagickCore-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP2-BCL:libMagickWand-6_Q16-1-6.8.8.1-71.183.1
Ссылки
- CVE-2022-44267
- SUSE Bug 1207982
Описание
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:ImageMagick-config-6-SUSE-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP2-BCL:ImageMagick-config-6-upstream-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP2-BCL:libMagickCore-6_Q16-1-6.8.8.1-71.183.1
SUSE Linux Enterprise Server 12 SP2-BCL:libMagickWand-6_Q16-1-6.8.8.1-71.183.1
Ссылки
- CVE-2022-44268
- SUSE Bug 1207983