Security update for ImageMagick SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:3420-1 Final 1 1 2017-12-22T15:55:12Z current 2017-12-22T15:55:12Z 2017-12-22T15:55:12Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ImageMagick This update for ImageMagick fixes the following issues: * CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service [bsc#1061254] * CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service [bsc#1060176] * Memory leak in WriteINLINEImage in coders/inline.c could lead to denial of service [bsc#1052744] * CVE-2017-14607: out of bounds read flaw related to ReadTIFFImagehas could possibly disclose potentially sensitive memory [bsc#1059778] * CVE-2017-11640: NULL pointer deref in WritePTIFImage() in coders/tiff.c [bsc#1050632] * CVE-2017-14342: a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c could lead to denial of service [bsc#1058485] * CVE-2017-14341: Infinite loop in the ReadWPGImage function [bsc#1058637] * CVE-2017-16546: problem in the function ReadWPGImage in coders/wpg.c could lead to denial of service [bsc#1067181] * CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in validation problems could lead to denial of service [bsc#1067184] * CVE-2017-16669: problem in coders/wpg.c could allow remote attackers to cause a denial of service via crafted file [bsc#1067409] * CVE-2017-14175: Lack of End of File check could lead to denial of service [bsc#1057719] * CVE-2017-14138: memory leak vulnerability in ReadWEBPImage in coders/webp.c could lead to denial of service [bsc#1057157] * CVE-2017-13769: denial of service issue in function WriteTHUMBNAILImage in coders/thumbnail.c [bsc#1056432] * CVE-2017-13134: a heap-based buffer over-read was found in thefunction SFWScan in coders/sfw.c, which allows attackers to cause adenial of service via a crafted file. [bsc#1055214] * CVE-2017-15217: memory leak in ReadSGIImage in coders/sgi.c [bsc#1062750] * CVE-2017-11478: ReadOneDJVUImage in coders/djvu.c in ImageMagick allows remote attackers to cause a DoS [bsc#1049796] * CVE-2017-15930: Null Pointer dereference while transfering JPEG scanlines could lead to denial of service [bsc#1066003] * CVE-2017-12983: Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c inImageMagick 7.0.6-8 allows remote attackers to cause a denial of service [bsc#1054757] * CVE-2017-14531: memory exhaustion issue in ReadSUNImage incoders/sun.c. [bsc#1059666] * CVE-2017-12435: Memory exhaustion in ReadSUNImage in coders/sun.c, which allows attackers to cause denial of service [bsc#1052553] * CVE-2017-12587: User controlable large loop in the ReadPWPImage in coders\pwp.c could lead to denial of service [bsc#1052450] * CVE-2017-11523: ReadTXTImage in coders/txt.c allows remote attackers to cause a denial of service [bsc#1050083] * CVE-2017-14173: unction ReadTXTImage is vulnerable to a integer overflow that could lead to denial of service [bsc#1057729] * CVE-2017-11188: ImageMagick: The ReadDPXImage function in codersdpx.c in ImageMagick 7.0.6-0 has a largeloop vulnerability that can cause CPU exhaustion via a crafted DPX file, relatedto lack of an EOF check. [bnc#1048457] * CVE-2017-11527: ImageMagick: ReadDPXImage in coders/dpx.c allows remote attackers to cause DoS [bnc#1050116] * CVE-2017-11535: GraphicsMagick, ImageMagick: Heap-based buffer over-read in WritePSImage() in coders/ps.c [bnc#1050139] * CVE-2017-11752: ImageMagick: ReadMAGICKImage in coders/magick.c allows to cause DoS [bnc#1051441] * CVE-2017-12140: ImageMagick: ReadDCMImage in codersdcm.c has a ninteger signedness error leading to excessive memory consumption [bnc#1051847] * CVE-2017-12669: ImageMagick: Memory leak in WriteCALSImage in coders/cals.c [bnc#1052689] * CVE-2017-12662: GraphicsMagick, ImageMagick: Memory leak in WritePDFImage in coders/pdf.c [bnc#1052758] * CVE-2017-12644: ImageMagick: Memory leak in ReadDCMImage in codersdcm.c [bnc#1052764] * CVE-2017-14172: ImageMagick: Lack of end of file check in ReadPSImage() could lead to a denial of service [bnc#1057730] * CVE-2017-14733: GraphicsMagick: Heap overflow on ReadRLEImage in coders/rle.c could lead to denial of service [bnc#1060577] This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html E-Mail link for openSUSE-SU-2017:3420-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 ImageMagick-6.8.8.1-40.1 ImageMagick-devel-6.8.8.1-40.1 ImageMagick-devel-32bit-6.8.8.1-40.1 ImageMagick-doc-6.8.8.1-40.1 ImageMagick-extra-6.8.8.1-40.1 libMagick++-6_Q16-3-6.8.8.1-40.1 libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 libMagick++-devel-6.8.8.1-40.1 libMagick++-devel-32bit-6.8.8.1-40.1 libMagickCore-6_Q16-1-6.8.8.1-40.1 libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 libMagickWand-6_Q16-1-6.8.8.1-40.1 libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 perl-PerlMagick-6.8.8.1-40.1 ImageMagick-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 ImageMagick-devel-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 ImageMagick-devel-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 ImageMagick-doc-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 ImageMagick-extra-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagick++-6_Q16-3-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagick++-devel-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagick++-devel-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagickCore-6_Q16-1-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagickWand-6_Q16-1-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 perl-PerlMagick-6.8.8.1-40.1 as a component of openSUSE Leap 42.2 ImageMagick-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 ImageMagick-devel-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 ImageMagick-devel-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 ImageMagick-doc-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 ImageMagick-extra-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagick++-6_Q16-3-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagick++-devel-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagick++-devel-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagickCore-6_Q16-1-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagickWand-6_Q16-1-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 perl-PerlMagick-6.8.8.1-40.1 as a component of openSUSE Leap 42.3 The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check. CVE-2017-11188 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11188.html CVE-2017-11188 https://bugzilla.suse.com/1048457 SUSE Bug 1048457 The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image. CVE-2017-11478 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11478.html CVE-2017-11478 https://bugzilla.suse.com/1049796 SUSE Bug 1049796 The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered. CVE-2017-11523 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11523.html CVE-2017-11523 https://bugzilla.suse.com/1050083 SUSE Bug 1050083 The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. CVE-2017-11527 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11527.html CVE-2017-11527 https://bugzilla.suse.com/1047054 SUSE Bug 1047054 https://bugzilla.suse.com/1050116 SUSE Bug 1050116 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c. CVE-2017-11535 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11535.html CVE-2017-11535 https://bugzilla.suse.com/1050139 SUSE Bug 1050139 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c. CVE-2017-11640 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11640.html CVE-2017-11640 https://bugzilla.suse.com/1050632 SUSE Bug 1050632 The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file. CVE-2017-11752 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-11752.html CVE-2017-11752 https://bugzilla.suse.com/1051441 SUSE Bug 1051441 The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file. CVE-2017-12140 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12140.html CVE-2017-12140 https://bugzilla.suse.com/1051847 SUSE Bug 1051847 https://bugzilla.suse.com/1052764 SUSE Bug 1052764 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service. CVE-2017-12435 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12435.html CVE-2017-12435 https://bugzilla.suse.com/1052553 SUSE Bug 1052553 https://bugzilla.suse.com/1057508 SUSE Bug 1057508 ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. CVE-2017-12587 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12587.html CVE-2017-12587 https://bugzilla.suse.com/1052450 SUSE Bug 1052450 ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c. CVE-2017-12644 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12644.html CVE-2017-12644 https://bugzilla.suse.com/1051847 SUSE Bug 1051847 https://bugzilla.suse.com/1052764 SUSE Bug 1052764 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c. CVE-2017-12662 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12662.html CVE-2017-12662 https://bugzilla.suse.com/1052758 SUSE Bug 1052758 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c. CVE-2017-12669 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12669.html CVE-2017-12669 https://bugzilla.suse.com/1052689 SUSE Bug 1052689 Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. CVE-2017-12983 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-12983.html CVE-2017-12983 https://bugzilla.suse.com/1054757 SUSE Bug 1054757 In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file. CVE-2017-13134 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-13134.html CVE-2017-13134 https://bugzilla.suse.com/1055214 SUSE Bug 1055214 The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. CVE-2017-13769 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-13769.html CVE-2017-13769 https://bugzilla.suse.com/1056432 SUSE Bug 1056432 ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. CVE-2017-14138 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14138.html CVE-2017-14138 https://bugzilla.suse.com/1057153 SUSE Bug 1057153 https://bugzilla.suse.com/1057157 SUSE Bug 1057157 In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. CVE-2017-14172 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14172.html CVE-2017-14172 https://bugzilla.suse.com/1057730 SUSE Bug 1057730 In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value. CVE-2017-14173 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14173.html CVE-2017-14173 https://bugzilla.suse.com/1057729 SUSE Bug 1057729 In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop. CVE-2017-14175 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14175.html CVE-2017-14175 https://bugzilla.suse.com/1056426 SUSE Bug 1056426 https://bugzilla.suse.com/1056429 SUSE Bug 1056429 https://bugzilla.suse.com/1057719 SUSE Bug 1057719 ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file. CVE-2017-14341 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14341.html CVE-2017-14341 https://bugzilla.suse.com/1058637 SUSE Bug 1058637 ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file. CVE-2017-14342 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14342.html CVE-2017-14342 https://bugzilla.suse.com/1058485 SUSE Bug 1058485 ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. CVE-2017-14531 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14531.html CVE-2017-14531 https://bugzilla.suse.com/1057508 SUSE Bug 1057508 https://bugzilla.suse.com/1059666 SUSE Bug 1059666 In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. CVE-2017-14607 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14607.html CVE-2017-14607 https://bugzilla.suse.com/1059778 SUSE Bug 1059778 GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928. CVE-2017-14682 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14682.html CVE-2017-14682 https://bugzilla.suse.com/1047356 SUSE Bug 1047356 https://bugzilla.suse.com/1060176 SUSE Bug 1060176 ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. CVE-2017-14733 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14733.html CVE-2017-14733 https://bugzilla.suse.com/1060577 SUSE Bug 1060577 A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code. CVE-2017-14989 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-14989.html CVE-2017-14989 https://bugzilla.suse.com/1061254 SUSE Bug 1061254 ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. CVE-2017-15217 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-15217.html CVE-2017-15217 https://bugzilla.suse.com/1062750 SUSE Bug 1062750 In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. CVE-2017-15930 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-15930.html CVE-2017-15930 https://bugzilla.suse.com/1066003 SUSE Bug 1066003 The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image. CVE-2017-16545 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-16545.html CVE-2017-16545 https://bugzilla.suse.com/1067184 SUSE Bug 1067184 The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file. CVE-2017-16546 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-16546.html CVE-2017-16546 https://bugzilla.suse.com/1067181 SUSE Bug 1067181 coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c. CVE-2017-16669 openSUSE Leap 42.2:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.2:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.2:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.2:perl-PerlMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-40.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-40.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-40.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-40.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00087.html https://www.suse.com/security/cve/CVE-2017-16669.html CVE-2017-16669 https://bugzilla.suse.com/1067409 SUSE Bug 1067409 https://bugzilla.suse.com/1072898 SUSE Bug 1072898