Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

SUSE: 2019:1033-1 Moderate: Multiple ImageMagick Security Issues

suse
Calendar Grey April 25, 2019
Dist Suse Esm H88
SUSE Security Update: Security update for ImageMagick ______________________________________________
An update that solves 13 vulnerabilities and has one errata is now available

Summary

This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel() (bsc#1130330). - CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage() (bsc#1131317). - CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function (bsc#1128649). - CVE-2018-20467: Fixed infinite loop in coders/bmp.c (bsc#1120381). - CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage (bsc#1124365). - CVE-2019-7397: Fixed a memory leak in the function WritePDFImage (bsc#1124366). - CVE-2019-7395: Fixed a memory leak in the function WritePSDChannel (bsc#1124368). - CVE-2018-16413: Fixed a heap-based buffer over-read in PushShortPixel() (bsc#1106989). - CVE-2018-16412: Fixed a heap-based buffer over-read in

References

#1106989 #1106996 #1107609 #1120381 #1122033

#1124365 #1124366 #1124368 #1128649 #1130330

#1131317 #1132053 #1132054 #1132060

Cross- CVE-2018-16412 CVE-2018-16413 CVE-2018-16644

CVE-2018-20467 CVE-2019-10650 CVE-2019-11007

CVE-2019-11008 CVE-2019-11009 CVE-2019-7175

CVE-2019-7395 CVE-2019-7397 CVE-2019-7398

CVE-2019-9956

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Workstation Extension 12-SP4

SUSE Linux Enterprise Workstation Extension 12-SP3

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Server 12-SP3

SUSE Linu...

Read the Full Advisory

Announcement ID: SUSE-SU-2019:1033-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.