
SUSE: 2017:3435-1 Important: GraphicsMagick Denial Of Service

suse
December 27, 2017
This software patch for ImageMagick resolves 12 significant vulnerabilities to improve your Debian system.
An update that fixes 14 vulnerabilities is now available

Summary

This update for GraphicsMagick fixes the following issues:

* CVE-2017-11640: NULL pointer dereference in WritePTIFImage() in coders/tiff.c could lead to denial of service [bsc#1050632]
* CVE-2017-14342: Memory exhaustion in ReadWPGImage in coders/wpg.c could lead to denial of service [bsc#1058485]
* CVE-2017-14341: Infinite loop in the ReadWPGImage function could lead to denial of service [bsc#1058637]
* CVE-2017-16546: Issue in ReadWPGImage function in coders/wpg.c could lead to denial of service [bsc#1067181]
* CVE-2017-16545: Validation problems in the ReadWPGImage function in coders/wpg.c could lead to denial of service [bsc#1067184]
* CVE-2017-16669: coders/wpg.c allows remote attackers to cause a denial of service via a crafted file [bsc#1067409]

References

#1050632 #1052450 #1054757 #1055214 #1056426 #1056429 #1057508 #1058485 #1058637 #1066003 #1067181 #1067184 #1067409

Cross- CVE-2016-7996 CVE-2017-11640 CVE-2017-12587 CVE-2017-12983 CVE-2017-13134 CVE-2017-13776 CVE-2017-13777 CVE-2017-14165 CVE-2017-14341 CVE-2017-14342 CVE-2017-15930 CVE-2017-16545 CVE-2017-16546 CVE-2017-16669

Affected Products:

SUSE Studio Onsite 1.3

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2016-7996.html

https://www.suse.com/security/cve/CVE-2017-11640.html

https://www.suse.com/security/cve/CVE-2017-12587.html

https://www.suse.com/security/cve/CVE-2017-12983.html

https://www.suse.com/security/cve/CVE-2017-13134.html

Severity
important

Announcement ID: SUSE-SU-2017:3435-1
Rating: important
