Explore top 10 tips to secure your open-source projects now. Read More
×
This update for ImageMagick fixes the following issues:
- security update (xcf.c):
* CVE-2017-14343: Memory leak vulnerability in ReadXCFImage could lead
to denial of service via a crafted file. CVE-2017-12691: The
ReadOneLayer function in coders/xcf.c allows remote attackers to cause
a denial of service (memory consumption) via a crafted file.
[bsc#1058422]
- security update (pnm.c):
* CVE-2017-14042: A memory allocation failure was discovered in the
ReadPNMImage function in coders/pnm.c and could lead to remote denial
of service [bsc#1056550]
- security update (psd.c):
* CVE-2017-15281: ReadPSDImage allows remote attackers to cause a denial
of service (application crash) or possibly have unspecified other
impact via a crafted file [bsc#1063049]
* CVE-2017-13061: A length-validation vulnerability was found in the
function ReadPSDLayersInternal in coders/psd.c, which allows attackers ...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-7=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2018-7=1
To bring your system up-to-date, use "zypper patch".
- openSUSE Leap 42.3 (i586 x86_64):
ImageMagick-6.8.8.1-43.1
ImageMagick-debuginfo-6.8.8.1-43.1
ImageMagick-debugsource-6.8.8.1-43.1
ImageMagick-devel-6.8.8.1-43.1
ImageMagick-extra-6.8.8.1-43.1
ImageMagick-extra-debuginfo-6.8.8.1-43.1
libMagick++-6_Q16-3-6.8.8.1-43.1
libMagick++-6_Q16-3-debuginfo-6.8.8.1-43.1
libMagick++-devel-6.8.8.1-43.1
libMagickCore-6_Q16-1-6.8.8.1-43.1
libMagickCore-6_Q16-1-debuginfo-6.8.8.1-43.1
libMagickWand-6_Q16-1-6.8.8.1-43.1
libMagickWand-6_Q16-1-debuginfo-6.8.8.1-43.1
perl-PerlMagick-6.8.8.1-43.1
perl-PerlMagick-debuginfo-6.8.8.1-43.1
- openSUSE Leap 42.3 (noarch):
ImageMagick-doc-6.8.8.1-43.1
- openSUSE Leap 42.3 (x86_64):
ImageMagick-devel-32bit-6.8.8.1-43.1
libMagick++-6_Q16-3-32bit-6.8.8.1-43.1
libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-43.1
libMagick++-devel-32bit-6.8.8.1-43.1
libMagickCore-6_Q16-1-32bit-6.8.8.1-43.1
libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-43.1
libMagickWand-6_Q16-1-32bit-6.8.8.1-43.1
libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-43.1
- openSUSE Leap...
Read the Full Advisoryhttps://www.suse.com/security/cve/CVE-2017-12563.html
https://www.suse.com/security/cve/CVE-2017-12691.html
https://www.suse.com/security/cve/CVE-2017-13061.html
https://www.suse.com/security/cve/CVE-2017-14042.html
https://www.suse.com/security/cve/CVE-2017-14174.html
https://www.suse.com/security/cve/CVE-2017-14343.html
https://www.suse.com/security/cve/CVE-2017-15277.html
https://www.suse.com/security/cve/CVE-2017-15281.html
https://bugzilla.suse.com/1052460
https://bugzilla.suse.com/1055053
https://bugzilla.suse.com/1055063
https://bugzilla.suse.com/1056550
https://bugzilla.suse.com/1057723
https://bugzilla.suse.com/1058422
https://bugzilla.suse.com/1063049
https://bugzilla.suse.com/1063050
Get the latest Linux and open source security news straight to your inbox.