SUSE-SU-2016:1301-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:1301-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2016:1301-1

Related

CVE-2016-3714

Published

2016-05-13T14:27:21Z

Modified

2016-05-13T14:27:21Z

Summary

Security update for ImageMagick

Details

This update for ImageMagick fixes the following issues:

bsc#978061: A vulnerability in ImageMagick's 'https' module allowed users to execute arbitrary shell commands on the host performing the image conversion. The issue had the potential for remote command injection. This update mitigates the vulnerability by disabling all access to the 'https' module in the 'delegates.xml' config file. (CVE-2016-3714)

References

Affected packages

SUSE:Linux Enterprise Software Development Kit 11 SP4 / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "perl-PerlMagick": "6.4.3.6-7.37.1",
            "ImageMagick-devel": "6.4.3.6-7.37.1",
            "ImageMagick": "6.4.3.6-7.37.1",
            "libMagickWand1": "6.4.3.6-7.37.1",
            "libMagick++1": "6.4.3.6-7.37.1",
            "libMagickWand1-32bit": "6.4.3.6-7.37.1",
            "libMagick++-devel": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:OpenStack Cloud 5 / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Manager 2.1 / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Manager%202.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Manager Proxy 2.1 / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Manager%20Proxy%202.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-LTSS / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 11 SP4 / ImageMagick

Package

Name: ImageMagick
Purl: purl:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.3.6-7.37.1

Ecosystem specific

{
    "binaries": [
        {
            "libMagickCore1": "6.4.3.6-7.37.1",
            "libMagickCore1-32bit": "6.4.3.6-7.37.1"
        }
    ]
}