SUSE-SU-2018:3191-1 -- SLES ImageMagick, libMagickID: oval:org.secpod.oval:def:89002518 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. - CVE-2018-18016: Fixed a memory leak in WritePCXImage . - CVE-2018-17965: Fixed a memory leak in WriteSGIImage . - CVE-2018-17966: Fixed a memory leak in WritePDBImage . - CVE-2018-12600: ReadDIBImage and WriteDIBImage allowed attackers to cause an out of bounds write via a crafted file. - CVE-2018-12599: ReadBMPImage and WriteBMPImage allowed attackers to cause an out of bounds write via a crafted file
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
Product: |
ImageMagick |
libMagick |