SUSE-SU-2018:1851-1 -- SLES ImageMagick, libMagickID: oval:org.secpod.oval:def:89002414 | Date: (C)2021-02-26 (M)2024-04-04 |
Class: PATCH | Family: unix |
This update for ImageMagick fixes the following issues: These security issues were fixed: - CVE-2017-13758: Prevent heap-based buffer overflow in the TracePoint function . - CVE-2017-10928: Prevent heap-based buffer over-read in the GetNextToken function that allowed remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document . - CVE-2018-9133: Long compute times in the tiff decoder have been fixed . - CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause denial of service . - CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service . - CVE-2018-11655: Memory leak in the GetImagePixelCache in MagickCore/cache.c was fixed - CVE-2018-10804: Memory leak in WriteTIFFImage in coders/tiff.c was fixed - CVE-2018-10805: Fixed memory leaks in bgr.c, rgb.c, cmyk.c, gray.c, ycbcr.c
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
Product: |
ImageMagick |
libMagick |