Description
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2025-53014: Fixed an off-by-one error that may cause an out-of-bounds memory access (bsc#1246530)
- CVE-2025-53019: Fixed format specifiers in a filename template that may cause a memory leak (bsc#1246534)
Package list
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
References
- Link for SUSE-SU-2025:02751-1
- E-Mail link for SUSE-SU-2025:02751-1
- SUSE Security Ratings
- SUSE Bug 1246530
- SUSE Bug 1246534
- SUSE CVE CVE-2025-53014 page
- SUSE CVE CVE-2025-53019 page
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (`%%`). Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Affected products
References
- CVE-2025-53014
- SUSE Bug 1246530
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
Affected products
References
- CVE-2025-53019
- SUSE Bug 1246534