Security update for ImageMagick SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:3203-1 Final 1 1 2018-10-17T13:17:17Z current 2018-10-17T13:17:17Z 2018-10-17T13:17:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ImageMagick This update for ImageMagick fixes the following security issues: - CVE-2017-11532: Prevent a memory leak vulnerability in the WriteMPCImage() function in coders/mpc.c via a crafted file allowing for DoS (bsc#1050129) - CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function (bsc#1108283) - CVE-2018-16749: Added missing NULL check in ReadOneJNGImage that allowed an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file (bsc#1108282) - CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) - CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) - CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) - CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604) - CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) This update also relaxes the restrictions of use of Postscript like formats to 'write' only. (bsc#1105592) This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html E-Mail link for openSUSE-SU-2018:3203-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 ImageMagick-6.8.8.1-70.2 ImageMagick-devel-6.8.8.1-70.2 ImageMagick-devel-32bit-6.8.8.1-70.2 ImageMagick-doc-6.8.8.1-70.2 ImageMagick-extra-6.8.8.1-70.2 libMagick++-6_Q16-3-6.8.8.1-70.2 libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 libMagick++-devel-6.8.8.1-70.2 libMagick++-devel-32bit-6.8.8.1-70.2 libMagickCore-6_Q16-1-6.8.8.1-70.2 libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 libMagickWand-6_Q16-1-6.8.8.1-70.2 libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 perl-PerlMagick-6.8.8.1-70.2 ImageMagick-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 ImageMagick-devel-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 ImageMagick-devel-32bit-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 ImageMagick-doc-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 ImageMagick-extra-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagick++-6_Q16-3-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagick++-devel-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagick++-devel-32bit-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagickCore-6_Q16-1-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagickWand-6_Q16-1-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 perl-PerlMagick-6.8.8.1-70.2 as a component of openSUSE Leap 42.3 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. CVE-2017-11532 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2017-11532.html CVE-2017-11532 https://bugzilla.suse.com/1050129 SUSE Bug 1050129 https://bugzilla.suse.com/1050623 SUSE Bug 1050623 ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. CVE-2018-16413 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16413.html CVE-2018-16413 https://bugzilla.suse.com/1106989 SUSE Bug 1106989 https://bugzilla.suse.com/1106996 SUSE Bug 1106996 ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. CVE-2018-16640 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16640.html CVE-2018-16640 https://bugzilla.suse.com/1107619 SUSE Bug 1107619 The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. CVE-2018-16642 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16642.html CVE-2018-16642 https://bugzilla.suse.com/1107616 SUSE Bug 1107616 The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file. CVE-2018-16643 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16643.html CVE-2018-16643 https://bugzilla.suse.com/1107612 SUSE Bug 1107612 There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. CVE-2018-16644 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16644.html CVE-2018-16644 https://bugzilla.suse.com/1107609 SUSE Bug 1107609 https://bugzilla.suse.com/1107612 SUSE Bug 1107612 https://bugzilla.suse.com/1117463 SUSE Bug 1117463 There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file. CVE-2018-16645 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16645.html CVE-2018-16645 https://bugzilla.suse.com/1107604 SUSE Bug 1107604 In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. CVE-2018-16749 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16749.html CVE-2018-16749 https://bugzilla.suse.com/1108282 SUSE Bug 1108282 In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. CVE-2018-16750 openSUSE Leap 42.3:ImageMagick-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-devel-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-doc-6.8.8.1-70.2 openSUSE Leap 42.3:ImageMagick-extra-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-6_Q16-3-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagick++-devel-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickCore-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-32bit-6.8.8.1-70.2 openSUSE Leap 42.3:libMagickWand-6_Q16-1-6.8.8.1-70.2 openSUSE Leap 42.3:perl-PerlMagick-6.8.8.1-70.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00034.html https://www.suse.com/security/cve/CVE-2018-16750.html CVE-2018-16750 https://bugzilla.suse.com/1108283 SUSE Bug 1108283