SUSE-SU-2018:0017-1 -- SLES ImageMagick, libMagick

ID: oval:org.secpod.oval:def:89002527
Date: (C)2021-02-25   (M)2022-10-10
Class: PATCH
Family: unix




This update for ImageMagick fixes the following issues:

- security update:
  * CVE-2017-14343: Memory leak vulnerability in ReadXCFImage could lead to denial of service via a crafted file.
  * CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allows remote attackers to cause a denial of service via a crafted file. [bsc#1058422]
- security update:
  * CVE-2017-14042: A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c and could lead to remote denial of service. [bsc#1056550]
- security update:
  * CVE-2017-15281: ReadPSDImage allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file. [bsc#1063049]
  * CVE-2017-13061: A length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service via a crafted file. [bsc#1055063]
  * CVE-2017-12563: A memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service. [bsc#1052460]
  * CVE-2017-14174: Due to a lack of an EOF check in ReadPSDLayersInternal, a crafted PSD file that claims a large "length" field in the header but does not contain sufficient backing data could cause huge CPU consumption: the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. [bsc#1057723]
- security update:
  * CVE-2017-13062: A memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service via a crafted file. [bsc#1055053]
- security update:
  * CVE-2017-15277: ReadGIFImage in coders/gif.c leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette. [bsc#1063050]

Platform:
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP2
Product:
ImageMagick
libMagick
Reference:
SUSE-SU-2018:0017-1
CVE-2017-12563
CVE-2017-12691
CVE-2017-13061
CVE-2017-13062
CVE-2017-14042
CVE-2017-14174
CVE-2017-14343
CVE-2017-15277
CVE-2017-15281

© SecPod Technologies