Security update for GraphicsMagick SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1724-1 Final 1 1 2016-07-01T11:09:40Z current 2016-07-01T11:09:40Z 2016-07-01T11:09:40Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for GraphicsMagick GraphicsMagick was updated to fix 37 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2014-9807: Double free in pdb coder. (bsc#983794). - CVE-2014-9828: corrupted (too many colors) psd file (bsc#984028). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799). - CVE-2016-5240: SVG converting issue resulting in DoS (endless loop) (bsc#983309). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of "previous" image in the JNG decoder (bsc#984144). - CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion (bsc#983455). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9846: Added checks to prevent overflow in rle file (bsc#983521). - CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853). - CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html E-Mail link for openSUSE-SU-2016:1724-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 13.2 GraphicsMagick-1.3.20-9.1 GraphicsMagick-debuginfo-1.3.20-9.1 GraphicsMagick-debugsource-1.3.20-9.1 GraphicsMagick-devel-1.3.20-9.1 libGraphicsMagick++-Q16-3-1.3.20-9.1 libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 libGraphicsMagick++-devel-1.3.20-9.1 libGraphicsMagick-Q16-3-1.3.20-9.1 libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 libGraphicsMagick3-config-1.3.20-9.1 libGraphicsMagickWand-Q16-2-1.3.20-9.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 perl-GraphicsMagick-1.3.20-9.1 perl-GraphicsMagick-debuginfo-1.3.20-9.1 GraphicsMagick-1.3.20-9.1 as a component of openSUSE 13.2 GraphicsMagick-debuginfo-1.3.20-9.1 as a component of openSUSE 13.2 GraphicsMagick-debugsource-1.3.20-9.1 as a component of openSUSE 13.2 GraphicsMagick-devel-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagick++-Q16-3-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagick++-devel-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagick-Q16-3-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagick3-config-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagickWand-Q16-2-1.3.20-9.1 as a component of openSUSE 13.2 libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 as a component of openSUSE 13.2 perl-GraphicsMagick-1.3.20-9.1 as a component of openSUSE 13.2 perl-GraphicsMagick-debuginfo-1.3.20-9.1 as a component of openSUSE 13.2 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. CVE-2014-9805 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9805.html CVE-2014-9805 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983752 SUSE Bug 983752 The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. CVE-2014-9807 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9807.html CVE-2014-9807 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983794 SUSE Bug 983794 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. CVE-2014-9808 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9808.html CVE-2014-9808 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983796 SUSE Bug 983796 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. CVE-2014-9809 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9809.html CVE-2014-9809 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983799 SUSE Bug 983799 The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. CVE-2014-9810 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9810.html CVE-2014-9810 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983803 SUSE Bug 983803 The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. CVE-2014-9811 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9811.html CVE-2014-9811 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984032 SUSE Bug 984032 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. CVE-2014-9813 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9813.html CVE-2014-9813 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984035 SUSE Bug 984035 https://bugzilla.suse.com/984398 SUSE Bug 984398 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. CVE-2014-9814 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9814.html CVE-2014-9814 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984193 SUSE Bug 984193 https://bugzilla.suse.com/984372 SUSE Bug 984372 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. CVE-2014-9815 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9815.html CVE-2014-9815 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984372 SUSE Bug 984372 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. CVE-2014-9816 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9816.html CVE-2014-9816 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984035 SUSE Bug 984035 https://bugzilla.suse.com/984398 SUSE Bug 984398 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. CVE-2014-9817 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9817.html CVE-2014-9817 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984400 SUSE Bug 984400 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. CVE-2014-9818 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9818.html CVE-2014-9818 https://bugzilla.suse.com/1000690 SUSE Bug 1000690 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984181 SUSE Bug 984181 https://bugzilla.suse.com/984186 SUSE Bug 984186 https://bugzilla.suse.com/984409 SUSE Bug 984409 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. CVE-2014-9819 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9819.html CVE-2014-9819 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984142 SUSE Bug 984142 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. CVE-2014-9820 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9820.html CVE-2014-9820 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984150 SUSE Bug 984150 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2014-9828 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9828.html CVE-2014-9828 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984028 SUSE Bug 984028 coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file. CVE-2014-9829 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9829.html CVE-2014-9829 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984409 SUSE Bug 984409 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2014-9830 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9830.html CVE-2014-9830 https://bugzilla.suse.com/1000690 SUSE Bug 1000690 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984135 SUSE Bug 984135 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2014-9831 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 5.7 AV:N/AC:M/Au:N/C:N/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9831.html CVE-2014-9831 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984375 SUSE Bug 984375 Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. CVE-2014-9834 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9834.html CVE-2014-9834 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984436 SUSE Bug 984436 Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. CVE-2014-9835 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 5.7 AV:N/AC:M/Au:N/C:N/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9835.html CVE-2014-9835 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984145 SUSE Bug 984145 https://bugzilla.suse.com/984375 SUSE Bug 984375 coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. CVE-2014-9837 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9837.html CVE-2014-9837 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984166 SUSE Bug 984166 magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). CVE-2014-9839 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9839.html CVE-2014-9839 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984379 SUSE Bug 984379 ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. CVE-2014-9840 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 5.7 AV:N/AC:M/Au:N/C:N/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9840.html CVE-2014-9840 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984433 SUSE Bug 984433 The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. CVE-2014-9844 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 5.7 AV:N/AC:M/Au:N/C:N/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9844.html CVE-2014-9844 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984373 SUSE Bug 984373 https://bugzilla.suse.com/984408 SUSE Bug 984408 The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. CVE-2014-9845 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9845.html CVE-2014-9845 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984394 SUSE Bug 984394 Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. CVE-2014-9846 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9846.html CVE-2014-9846 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983521 SUSE Bug 983521 https://bugzilla.suse.com/984408 SUSE Bug 984408 The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. CVE-2014-9847 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9847.html CVE-2014-9847 https://bugzilla.suse.com/1040304 SUSE Bug 1040304 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984144 SUSE Bug 984144 Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. CVE-2014-9853 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2014-9853.html CVE-2014-9853 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/984408 SUSE Bug 984408 Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file. CVE-2015-8894 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2015-8894.html CVE-2015-8894 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983523 SUSE Bug 983523 https://bugzilla.suse.com/983533 SUSE Bug 983533 Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. CVE-2015-8896 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2015-8896.html CVE-2015-8896 https://bugzilla.suse.com/982969 SUSE Bug 982969 https://bugzilla.suse.com/983533 SUSE Bug 983533 ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file. CVE-2015-8901 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.9 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2015-8901.html CVE-2015-8901 https://bugzilla.suse.com/983234 SUSE Bug 983234 The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. CVE-2015-8903 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 7.7 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2015-8903.html CVE-2015-8903 https://bugzilla.suse.com/983259 SUSE Bug 983259 Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. CVE-2016-2317 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2016-2317.html CVE-2016-2317 https://bugzilla.suse.com/965853 SUSE Bug 965853 https://bugzilla.suse.com/999673 SUSE Bug 999673 GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. CVE-2016-2318 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2016-2318.html CVE-2016-2318 https://bugzilla.suse.com/965853 SUSE Bug 965853 The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file. CVE-2016-5240 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2016-5240.html CVE-2016-5240 https://bugzilla.suse.com/983309 SUSE Bug 983309 magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. CVE-2016-5241 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2016-5241.html CVE-2016-5241 https://bugzilla.suse.com/983455 SUSE Bug 983455 The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions. CVE-2016-5688 openSUSE 13.2:GraphicsMagick-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debuginfo-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-debugsource-1.3.20-9.1 openSUSE 13.2:GraphicsMagick-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick++-devel-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick-Q16-3-debuginfo-1.3.20-9.1 openSUSE 13.2:libGraphicsMagick3-config-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-1.3.20-9.1 openSUSE 13.2:libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-1.3.20-9.1 openSUSE 13.2:perl-GraphicsMagick-debuginfo-1.3.20-9.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://www.suse.com/security/cve/CVE-2016-5688.html CVE-2016-5688 https://bugzilla.suse.com/985442 SUSE Bug 985442