Security update for ImageMagick SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:3014-1 Final 1 1 2018-10-05T07:04:14Z current 2018-10-05T07:04:14Z 2018-10-05T07:04:14Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ImageMagick This update for ImageMagick fixes the following security issues: - CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858). - CVE-2018-16328: Prevent NULL pointer dereference exists in the CheckEventLogging function leading to DoS (bsc#1106857). - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855) - CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) - CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) - CVE-2018-16641: Prevent memory leak in the TIFFWritePhotoshopLayers function (bsc#1107618). - CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) - CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html E-Mail link for openSUSE-SU-2018:3014-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.0 ImageMagick-7.0.7.34-lp150.2.15.1 ImageMagick-devel-7.0.7.34-lp150.2.15.1 ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 ImageMagick-doc-7.0.7.34-lp150.2.15.1 ImageMagick-extra-7.0.7.34-lp150.2.15.1 libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 libMagick++-devel-7.0.7.34-lp150.2.15.1 libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 perl-PerlMagick-7.0.7.34-lp150.2.15.1 ImageMagick-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 ImageMagick-devel-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 ImageMagick-doc-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 ImageMagick-extra-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagick++-devel-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 perl-PerlMagick-7.0.7.34-lp150.2.15.1 as a component of openSUSE Leap 15.0 ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. CVE-2018-16323 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16323.html CVE-2018-16323 https://bugzilla.suse.com/1106855 SUSE Bug 1106855 In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. CVE-2018-16328 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16328.html CVE-2018-16328 https://bugzilla.suse.com/1106857 SUSE Bug 1106857 In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. CVE-2018-16329 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16329.html CVE-2018-16329 https://bugzilla.suse.com/1106858 SUSE Bug 1106858 ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. CVE-2018-16413 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 low Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16413.html CVE-2018-16413 https://bugzilla.suse.com/1106989 SUSE Bug 1106989 https://bugzilla.suse.com/1106996 SUSE Bug 1106996 ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. CVE-2018-16640 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 low Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16640.html CVE-2018-16640 https://bugzilla.suse.com/1107619 SUSE Bug 1107619 ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c. CVE-2018-16641 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 low Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16641.html CVE-2018-16641 https://bugzilla.suse.com/1107618 SUSE Bug 1107618 The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. CVE-2018-16642 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16642.html CVE-2018-16642 https://bugzilla.suse.com/1107616 SUSE Bug 1107616 The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file. CVE-2018-16643 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 low Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16643.html CVE-2018-16643 https://bugzilla.suse.com/1107612 SUSE Bug 1107612 There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. CVE-2018-16644 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 low Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16644.html CVE-2018-16644 https://bugzilla.suse.com/1107609 SUSE Bug 1107609 https://bugzilla.suse.com/1107612 SUSE Bug 1107612 https://bugzilla.suse.com/1117463 SUSE Bug 1117463 There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file. CVE-2018-16645 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.15.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.15.1 low Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00008.html https://www.suse.com/security/cve/CVE-2018-16645.html CVE-2018-16645 https://bugzilla.suse.com/1107604 SUSE Bug 1107604