Security update for ImageMagick SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0621-1 Final 1 1 2018-03-06T19:30:24Z current 2018-03-06T19:30:24Z 2018-03-06T19:30:24Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ImageMagick This update for ImageMagick fixes the following issues: - CVE-2017-9405: A memory leak in the ReadICONImage function was fixed that could lead to DoS via memory exhaustion (bsc#1042911) - CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1042824) - CVE-2017-11166: In ReadXWDImage in coders\xwd.c a memoryleak could have caused memory exhaustion via a crafted length (bsc#1048110) - CVE-2017-11170: ReadTGAImage in coders\tga.c allowed for memory exhaustion via invalid colors data in the header of a TGA or VST file (bsc#1048272) - CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick allowed remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. (bsc#1049375) - CVE-2017-11450: A remote denial of service in coders/jpeg.c was fixed (bsc#1049374) - CVE-2017-11528: ReadDIBImage in coders/dib.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050119) - CVE-2017-11530: ReadEPTImage in coders/ept.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050122) - CVE-2017-11531: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c. (bsc#1050126) - CVE-2017-11533: A information leak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (bsc#1050132) - CVE-2017-11537: When ImageMagick processed a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. (bsc#1050048) - CVE-2017-11638, CVE-2017-11642: A NULL pointer dereference in theWriteMAPImage() in coders/map.c was fixed which could lead to a crash (bsc#1050617) - CVE-2017-12418: ImageMagick had memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. (bsc#1052207) - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed remote attackers to cause a DoS (bsc#1052248) - CVE-2017-12429: A memory exhaustion flaw in ReadMIFFImage in coders/miff.c was fixed, which allowed attackers to cause DoS (bsc#1052251) - CVE-2017-12432: In ImageMagick, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allowed attackers to cause a denial of service. (bsc#1052254) - CVE-2017-12566: A memory leak in ReadMVGImage in coders/mvg.c, could have allowed attackers to cause DoS (bsc#1052472) - CVE-2017-12654: The ReadPICTImage function in coders/pict.c in ImageMagick allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1052761) - CVE-2017-12663: A memory leak in WriteMAPImage in coders/map.c was fixed that could lead to a DoS via memory exhaustion (bsc#1052754) - CVE-2017-12664: ImageMagick had a memory leak vulnerability in WritePALMImage in coders/palm.c. (bsc#1052750) - CVE-2017-12665: ImageMagick had a memory leak vulnerability in WritePICTImage in coders/pict.c. (bsc#1052747) - CVE-2017-12668: ImageMagick had a memory leak vulnerability in WritePCXImage in coders/pcx.c. (bsc#1052688) - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in coders/pdb.c was fixed, which allowed attackers to cause DoS (bsc#1052711) - CVE-2017-13058: In ImageMagick, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allowed attackers to cause a denial of service via a crafted file. (bsc#1055069) - CVE-2017-13131: A memory leak vulnerability was found in thefunction ReadMIFFImage in coders/miff.c, which allowed attackers tocause a denial of service (memory consumption in NewL (bsc#1055229) - CVE-2017-14060: A NULL Pointer Dereference issue in the ReadCUTImage function in coders/cut.c was fixed that could have caused a Denial of Service (bsc#1056768) - CVE-2017-14139: A memory leak vulnerability in WriteMSLImage in coders/msl.c was fixed. (bsc#1057163) - CVE-2017-14224: A heap-based buffer overflow in WritePCXImage in coders/pcx.c could lead to denial of service or code execution. (bsc#1058009) - CVE-2017-17682: A large loop vulnerability was fixed in ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (bsc#1072898) - CVE-2017-17885: In ImageMagick, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allowed attackers to cause a denial of service via a crafted PICT image file. (bsc#1074119) - CVE-2017-17934: A memory leak in the function MSLPopImage and ProcessMSLScript could have lead to a denial of service (bsc#1074170) - CVE-2017-18028: A memory exhaustion in the function ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182) - CVE-2018-5357: ImageMagick had memory leaks in the ReadDCMImage function in coders/dcm.c. (bsc#1075821) - CVE-2018-6405: In the ReadDCMImage function in coders/dcm.c in ImageMagick, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allowed remote attackers to cause a denial of service. (bsc#1078433) This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html E-Mail link for openSUSE-SU-2018:0621-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 ImageMagick-6.8.8.1-55.1 ImageMagick-devel-6.8.8.1-55.1 ImageMagick-devel-32bit-6.8.8.1-55.1 ImageMagick-doc-6.8.8.1-55.1 ImageMagick-extra-6.8.8.1-55.1 libMagick++-6_Q16-3-6.8.8.1-55.1 libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 libMagick++-devel-6.8.8.1-55.1 libMagick++-devel-32bit-6.8.8.1-55.1 libMagickCore-6_Q16-1-6.8.8.1-55.1 libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 libMagickWand-6_Q16-1-6.8.8.1-55.1 libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 perl-PerlMagick-6.8.8.1-55.1 ImageMagick-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 ImageMagick-devel-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 ImageMagick-devel-32bit-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 ImageMagick-doc-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 ImageMagick-extra-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagick++-6_Q16-3-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagick++-devel-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagick++-devel-32bit-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagickCore-6_Q16-1-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagickWand-6_Q16-1-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 perl-PerlMagick-6.8.8.1-55.1 as a component of openSUSE Leap 42.3 The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file. CVE-2017-11166 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11166.html CVE-2017-11166 https://bugzilla.suse.com/1048110 SUSE Bug 1048110 The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file. CVE-2017-11170 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11170.html CVE-2017-11170 https://bugzilla.suse.com/1048110 SUSE Bug 1048110 https://bugzilla.suse.com/1048272 SUSE Bug 1048272 The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. CVE-2017-11448 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11448.html CVE-2017-11448 https://bugzilla.suse.com/1049375 SUSE Bug 1049375 coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. CVE-2017-11450 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11450.html CVE-2017-11450 https://bugzilla.suse.com/1049374 SUSE Bug 1049374 The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. CVE-2017-11528 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11528.html CVE-2017-11528 https://bugzilla.suse.com/1050119 SUSE Bug 1050119 The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. CVE-2017-11530 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11530.html CVE-2017-11530 https://bugzilla.suse.com/1050122 SUSE Bug 1050122 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c. CVE-2017-11531 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11531.html CVE-2017-11531 https://bugzilla.suse.com/1050126 SUSE Bug 1050126 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c. CVE-2017-11533 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11533.html CVE-2017-11533 https://bugzilla.suse.com/1050132 SUSE Bug 1050132 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. CVE-2017-11537 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11537.html CVE-2017-11537 https://bugzilla.suse.com/1050048 SUSE Bug 1050048 GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. CVE-2017-11638 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11638.html CVE-2017-11638 https://bugzilla.suse.com/1050617 SUSE Bug 1050617 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. CVE-2017-11642 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-11642.html CVE-2017-11642 https://bugzilla.suse.com/1050617 SUSE Bug 1050617 ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. CVE-2017-12418 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 low 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12418.html CVE-2017-12418 https://bugzilla.suse.com/1052207 SUSE Bug 1052207 The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function. CVE-2017-12427 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12427.html CVE-2017-12427 https://bugzilla.suse.com/1052248 SUSE Bug 1052248 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service. CVE-2017-12429 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12429.html CVE-2017-12429 https://bugzilla.suse.com/1052251 SUSE Bug 1052251 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service. CVE-2017-12432 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12432.html CVE-2017-12432 https://bugzilla.suse.com/1052254 SUSE Bug 1052254 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c. CVE-2017-12566 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12566.html CVE-2017-12566 https://bugzilla.suse.com/1052472 SUSE Bug 1052472 The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file. CVE-2017-12654 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12654.html CVE-2017-12654 https://bugzilla.suse.com/1052761 SUSE Bug 1052761 https://bugzilla.suse.com/1074119 SUSE Bug 1074119 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c. CVE-2017-12663 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12663.html CVE-2017-12663 https://bugzilla.suse.com/1052754 SUSE Bug 1052754 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c. CVE-2017-12664 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12664.html CVE-2017-12664 https://bugzilla.suse.com/1052750 SUSE Bug 1052750 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c. CVE-2017-12665 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12665.html CVE-2017-12665 https://bugzilla.suse.com/1052747 SUSE Bug 1052747 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. CVE-2017-12668 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12668.html CVE-2017-12668 https://bugzilla.suse.com/1052688 SUSE Bug 1052688 In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service. CVE-2017-12674 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-12674.html CVE-2017-12674 https://bugzilla.suse.com/1052711 SUSE Bug 1052711 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. CVE-2017-13058 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-13058.html CVE-2017-13058 https://bugzilla.suse.com/1055069 SUSE Bug 1055069 https://bugzilla.suse.com/1111072 SUSE Bug 1111072 https://bugzilla.suse.com/1117463 SUSE Bug 1117463 In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file. CVE-2017-13131 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-13131.html CVE-2017-13131 https://bugzilla.suse.com/1055229 SUSE Bug 1055229 In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file. CVE-2017-14060 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-14060.html CVE-2017-14060 https://bugzilla.suse.com/1056768 SUSE Bug 1056768 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. CVE-2017-14139 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-14139.html CVE-2017-14139 https://bugzilla.suse.com/1057163 SUSE Bug 1057163 A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file. CVE-2017-14224 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-14224.html CVE-2017-14224 https://bugzilla.suse.com/1058009 SUSE Bug 1058009 In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. CVE-2017-17682 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-17682.html CVE-2017-17682 https://bugzilla.suse.com/1072898 SUSE Bug 1072898 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file. CVE-2017-17885 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-17885.html CVE-2017-17885 https://bugzilla.suse.com/1074119 SUSE Bug 1074119 ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls. CVE-2017-17934 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-17934.html CVE-2017-17934 https://bugzilla.suse.com/1074170 SUSE Bug 1074170 In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. CVE-2017-18028 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-18028.html CVE-2017-18028 https://bugzilla.suse.com/1076182 SUSE Bug 1076182 https://bugzilla.suse.com/1082792 SUSE Bug 1082792 https://bugzilla.suse.com/1085236 SUSE Bug 1085236 In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. CVE-2017-9405 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-9405.html CVE-2017-9405 https://bugzilla.suse.com/1042911 SUSE Bug 1042911 In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. CVE-2017-9407 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2017-9407.html CVE-2017-9407 https://bugzilla.suse.com/1042824 SUSE Bug 1042824 ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. CVE-2018-5357 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2018-5357.html CVE-2018-5357 https://bugzilla.suse.com/1075821 SUSE Bug 1075821 https://bugzilla.suse.com/1095726 SUSE Bug 1095726 In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. CVE-2018-6405 openSUSE Leap 42.3:ImageMagick-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-55.1 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-55.1 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-55.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2018-03/msg00015.html https://www.suse.com/security/cve/CVE-2018-6405.html CVE-2018-6405 https://bugzilla.suse.com/1078433 SUSE Bug 1078433 https://bugzilla.suse.com/1095726 SUSE Bug 1095726