Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2017-14997: GraphicsMagick allowed remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. [bsc#1112399]
- CVE-2018-16644: An regression in the security fix for the pict coder was fixed (bsc#1107609)
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.3
ImageMagick-6.8.8.1-76.1
ImageMagick-devel-6.8.8.1-76.1
ImageMagick-devel-32bit-6.8.8.1-76.1
ImageMagick-doc-6.8.8.1-76.1
ImageMagick-extra-6.8.8.1-76.1
libMagick++-6_Q16-3-6.8.8.1-76.1
libMagick++-6_Q16-3-32bit-6.8.8.1-76.1
libMagick++-devel-6.8.8.1-76.1
libMagick++-devel-32bit-6.8.8.1-76.1
libMagickCore-6_Q16-1-6.8.8.1-76.1
libMagickCore-6_Q16-1-32bit-6.8.8.1-76.1
libMagickWand-6_Q16-1-6.8.8.1-76.1
libMagickWand-6_Q16-1-32bit-6.8.8.1-76.1
perl-PerlMagick-6.8.8.1-76.1
Ссылки
- E-Mail link for openSUSE-SU-2018:3524-1
- SUSE Security Ratings
Описание
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
Затронутые продукты
openSUSE Leap 42.3:ImageMagick-6.8.8.1-76.1
openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-76.1
openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-76.1
openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-76.1
Ссылки
- CVE-2017-14997
- SUSE Bug 1112399
- SUSE Bug 1117463
Описание
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
Затронутые продукты
openSUSE Leap 42.3:ImageMagick-6.8.8.1-76.1
openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-76.1
openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-76.1
openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-76.1
Ссылки
- CVE-2018-16644
- SUSE Bug 1107609
- SUSE Bug 1107612
- SUSE Bug 1117463