SUSE: 2019:14043-1 moderate: ImageMagick
Summary
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel() (bsc#1130330). - CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage() (bsc#1131317). - CVE-2019-11007: Fixed a heap-based buffer overflow in ReadMNGImage() (bsc#1132060). - CVE-2019-11009: Fixed a heap-based buffer over-read in ReadXWDImage() (bsc#1132053). - CVE-2019-11472: Fixed a denial-of-service in ReadXWDImage() (bsc#1133204). - CVE-2019-11470: Fixed a denial-of-service in ReadCINImage() (bsc#1133205). - CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage() (bsc#1133498). - CVE-2019-11505: Fixed a heap-based buffer overflow in the WritePDBImage() (bsc#1133501). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ImageMagick-14043=1 Package List: - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64): ImageMagick-debuginfo-6.4.3.6-78.97.1 ImageMagick-debugsource-6.4.3.6-78.97.1
References
#1130330 #1131317 #1132053 #1132060 #1133204
#1133205 #1133498 #1133501
Cross- CVE-2019-10650 CVE-2019-11007 CVE-2019-11009
CVE-2019-11470 CVE-2019-11472 CVE-2019-11505
CVE-2019-11506 CVE-2019-9956
Affected Products:
SUSE Linux Enterprise Debuginfo 11-SP4
https://www.suse.com/security/cve/CVE-2019-10650.html
https://www.suse.com/security/cve/CVE-2019-11007.html
https://www.suse.com/security/cve/CVE-2019-11009.html
https://www.suse.com/security/cve/CVE-2019-11470.html
https://www.suse.com/security/cve/CVE-2019-11472.html
https://www.suse.com/security/cve/CVE-2019-11505.html
https://www.suse.com/security/cve/CVE-2019-11506.html
https://www.suse.com/security/cve/CVE-2019-9956.html
https://bugzilla.suse.com/1130330
https://bugzilla.suse.com/1131317
https://bugzilla.suse.com/1132053
https://bugzilla.suse.com/1132060
https://bugzilla.suse.com/1133204
https://bugzilla.suse.com/1133205
https://bugzilla.suse.com/1133498
https://bugzilla.suse.com/1133501