Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

SUSE: 2018:3753-1 Moderate: ImageMagick Remote DoS and Memory Leak

suse
Calendar Grey November 13, 2018
Dist Suse Esm H88
SUSE Security Patch for ImageMagick addresses three moderate risk vulnerabilities impacting Development and Desktop components.
An update that solves three vulnerabilities and has one errata is now available

Summary

This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. (bsc#1111069) - CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072). - CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746). Non security issues fixed: - Fixed -morphology EdgeIn output (bsc#1106254) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Development Tools 15:

References

#1106254 #1110746 #1111069 #1111072

Cross- CVE-2018-17966 CVE-2018-18016 CVE-2018-18024

Affected Products:

SUSE Linux Enterprise Module for Development Tools 15

SUSE Linux Enterprise Module for Desktop Applications 15

https://www.suse.com/security/cve/CVE-2018-17966.html

https://www.suse.com/security/cve/CVE-2018-18016.html

https://www.suse.com/security/cve/CVE-2018-18024.html

https://bugzilla.suse.com/1106254

https://bugzilla.suse.com/1110746

https://bugzilla.suse.com/1111069

https://bugzilla.suse.com/1111072

Announcement ID: SUSE-SU-2018:3753-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.