SUSE-SU-2017:2949-1 -- SLES ImageMagick, libMagickCore-6_Q16-1, libMagickWand-6_Q16-1ID: oval:org.secpod.oval:def:89044944 | Date: (C)2021-07-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2017-15033: A denial of service attack was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. * CVE-2017-12433: A memory leak in ReadPESImage in coders/pes.c was fixed. * CVE-2017-12428: A memory leak in ReadWMFImage in coders/wmf.c was fixed. * CVE-2017-12431: A use-after-free in ReadWMFImage was fixed. * CVE-2017-11534: A memory leak in the lite_font_map in coders/wmf.c was fixed. * CVE-2017-13133: A memory exhaustion in load_level function in coders/xcf.c was fixed. * CVE-2017-13139: A out-of-bounds read in the ReadOneMNGImage was fixed. This update also reverts an incorrect fix for CVE-2016-7530 [bsc#1054924].
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
Product: |
ImageMagick |
libMagickCore-6_Q16-1 |
libMagickWand-6_Q16-1 |