Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

SUSE: 2017:3378-1 Important: ImageMagick Critical DoS Fix

suse
Calendar Grey December 20, 2017
Dist Suse Esm H88
SUSE Patch for ImageMagick addresses 26 vulnerabilities, such as denial of service and memory leaks. Make sure your software is updated.
An update that fixes 26 vulnerabilities is now available

Summary

This update for ImageMagick fixes the following issues: * CVE-2017-14607: out of bounds read flaw related to ReadTIFFImagehas could possibly disclose potentially sensitive memory [bsc#1059778] * CVE-2017-11640: NULL pointer deref in WritePTIFImage() in coders/tiff.c [bsc#1050632] * CVE-2017-14342: a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c could lead to denial of service [bsc#1058485] * CVE-2017-14341: Infinite loop in the ReadWPGImage function [bsc#1058637] * CVE-2017-16546: problem in the function ReadWPGImage in coders/wpg.c could lead to denial of service [bsc#1067181] * CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in validation problems could lead to denial of service [bsc#1067184] * CVE-2017-14175: Lack of End of File check could lead to denial of

References

#1048457 #1049796 #1050116 #1050139 #1050632

#1051441 #1051847 #1052450 #1052553 #1052689

#1052758 #1052764 #1054757 #1055214 #1056432

#1057719 #1057729 #1057730 #1058485 #1058637

#1059666 #1059778 #1060577 #1066003 #1067181

#1067184

Cross- CVE-2017-11188 CVE-2017-11478 CVE-2017-11527

CVE-2017-11535 CVE-2017-11640 CVE-2017-11752

CVE-2017-12140 CVE-2017-12435 CVE-2017-12587

CVE-2017-12644 CVE-2017-12662 CVE-2017-12669

CVE-2017-12983 CVE-2017-13134 CVE-2017-13769

CVE-2017-14172 CVE-2017-14173 CVE-2017-14175

CVE-2017-14341 CVE-2017-14342 CVE-2017-14531

CVE-2017-14607 CVE-2017-14733 CVE-2017-15930

CVE-2017-16545 CVE-2017-16546

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:3378-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.