Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

openSUSE Leap 15.1: 2021:0148-1 Moderate: ImageMagick Security Fix

opensuse
Calendar Grey January 24, 2021
Dist Opensuse Esm H88
The latest openSUSE Security Update for ImageMagick resolves 35 vulnerabilities, concentrating on critical buffer overflow and memory management flaws ensuring stability and security
An update that fixes 35 vulnerabilities is now available

Description

This update for ImageMagick fixes the following issues:

- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result

in a crash (bsc#1179103).

- CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel

(bsc#1179202).

- CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage

(bsc#1179208).

- CVE-2020-25666: Fixed an outside the range of representable values of

type 'int' and signed integer overflow (bsc#1179212).

- CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage

(bsc#1179223).

- CVE-2020-25675: Fixed an outside the range of representable values of

type 'long' and integer overflow (bsc#1179240).

- CVE-2020-25676: Fixed an outside the range of representable values of

type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244).

- CVE-2020-27750: Fixed a division by zero in

MagickCore/colorspace-private.h (bsc#1179260).

- CVE-2020-27751: Fixed an...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2021-148=1

Package List

- openSUSE Leap 15.1 (i586 x86_64):

ImageMagick-7.0.7.34-lp151.7.26.1

ImageMagick-config-7-SUSE-7.0.7.34-lp151.7.26.1

ImageMagick-config-7-upstream-7.0.7.34-lp151.7.26.1

ImageMagick-debuginfo-7.0.7.34-lp151.7.26.1

ImageMagick-debugsource-7.0.7.34-lp151.7.26.1

ImageMagick-devel-7.0.7.34-lp151.7.26.1

ImageMagick-extra-7.0.7.34-lp151.7.26.1

ImageMagick-extra-debuginfo-7.0.7.34-lp151.7.26.1

libMagick++-7_Q16HDRI4-7.0.7.34-lp151.7.26.1

libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-lp151.7.26.1

libMagick++-devel-7.0.7.34-lp151.7.26.1

libMagickCore-7_Q16HDRI6-7.0.7.34-lp151.7.26.1

libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-lp151.7.26.1

libMagickWand-7_Q16HDRI6-7.0.7.34-lp151.7.26.1

libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-lp151.7.26.1

perl-PerlMagick-7.0.7.34-lp151.7.26.1

perl-PerlMagick-debuginfo-7.0.7.34-lp151.7.26.1

- openSUSE Leap 15.1 (noarch):

ImageMagick-doc-7.0.7.34-lp151.7.26.1

- openSUSE Leap 15.1 (x86_64):

ImageMagick-devel-32bit-7.0.7.34-lp151.7.26.1

libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp151.7.26.1

li...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2020-19667.html

https://www.suse.com/security/cve/CVE-2020-25664.html

https://www.suse.com/security/cve/CVE-2020-25665.html

https://www.suse.com/security/cve/CVE-2020-25666.html

https://www.suse.com/security/cve/CVE-2020-25674.html

https://www.suse.com/security/cve/CVE-2020-25675.html

https://www.suse.com/security/cve/CVE-2020-25676.html

https://www.suse.com/security/cve/CVE-2020-27750.html

https://www.suse.com/security/cve/CVE-2020-27751.html

https://www.suse.com/security/cve/CVE-2020-27752.html

https://www.suse.com/security/cve/CVE-2020-27753.html

https://www.suse.com/security/cve/CVE-2020-27754.html

https://www.suse.com/security/cve/CVE-2020-27755.html

https://www.suse.com/security/cve/CVE-2020-27756.html

https://www.suse.com/security/cve/CVE-2020-27757.html

https://www.suse.com/security/cve/CVE-2020-27758.html

https://www.suse.com/security/cve/CVE-2020-27759.html

https://www.suse.com/security/cve/CVE-2020-27760.html

https://www.suse.com/security/cve/CVE-2020-277...

Read the Full Advisory

Announcement ID: openSUSE-SU-2021:0148-1
Rating: moderate
Affected Products: openSUSE Leap 15.1 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here