openSUSE-SU-2019:1983-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:1983-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2019:1983-1
- Upstream
- Related
- Published
- 2019-08-21T08:22:04Z
- Modified
- 2025-05-07T18:10:33.620909Z
- Summary
- Security update for ImageMagick
- Details
-
This update for ImageMagick fixes the following issues:
- CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory() (bsc#1140554).
- CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages (bsc#1140520).
- CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an error in MagickWand/mogrify.c (bsc#1140501).
- CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a wand/mogrify.c error (bsc#1140513).
- CVE-2019-13303: Fixed a heap-based buffer over-read in MagickCore/composite.c in CompositeImage (bsc#1140549).
- CVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c (bsc#1140665).
- CVE-2019-13299: Fixed a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668).
- CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in MagickCore/layer.c (bsc#1141171).
- CVE-2019-13295: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).
- CVE-2019-13297: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).
- CVE-2019-12979: Fixed the use of uninitialized values in SyncImageSettings() (bsc#1139886).
- CVE-2019-13391: Fixed a heap-based buffer over-read in MagickCore/fourier.c (bsc#1140673).
- CVE-2019-13308: Fixed a heap-based buffer overflow in MagickCore/fourier.c (bsc#1140534).
- CVE-2019-13302: Fixed a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages (bsc#1140552).
- CVE-2019-13298: Fixed a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667).
- CVE-2019-13300: Fixed a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages (bsc#1140669).
- CVE-2019-13307: Fixed a heap-based buffer overflow at MagickCore/statistic.c (bsc#1140538).
- CVE-2019-12977: Fixed the use of uninitialized values in WriteJP2Imag() (bsc#1139884).
- CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in coders/dpx.c (bsc#1140106).
- CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage() (bsc#1140103).
- CVE-2019-12978: Fixed the use of uninitialized values in ReadPANGOImage() (bsc#1139885).
- CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage() (bsc#1140111).
- CVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in WritePNMImage (bsc#1140547).
- CVE-2019-13305: Fixed one more stack-based buffer overflow at coders/pnm.c in WritePNMImage (bsc#1140545).
- CVE-2019-13306: Fixed an additional stack-based buffer overflow at coders/pnm.c in WritePNMImage (bsc#1140543).
- CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).
- CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).
- CVE-2019-13137: Fixed a memory leak in the ReadPSImage() (bsc#1140105).
- CVE-2019-13136: Fixed a integer overflow vulnerability in the TIFFSeekCustomStream() (bsc#1140104).
- CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in coders/pcl.c(bsc#1140110).
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YNM2LVHZUR2GCLOOK3NWALHSAJQKCA67/#YNM2LVHZUR2GCLOOK3NWALHSAJQKCA67
- https://bugzilla.suse.com/1139884
- https://bugzilla.suse.com/1139885
- https://bugzilla.suse.com/1139886
- https://bugzilla.suse.com/1140100
- https://bugzilla.suse.com/1140102
- https://bugzilla.suse.com/1140103
- https://bugzilla.suse.com/1140104
- https://bugzilla.suse.com/1140105
- https://bugzilla.suse.com/1140106
- https://bugzilla.suse.com/1140110
- https://bugzilla.suse.com/1140111
- https://bugzilla.suse.com/1140501
- https://bugzilla.suse.com/1140513
- https://bugzilla.suse.com/1140520
- https://bugzilla.suse.com/1140534
- https://bugzilla.suse.com/1140538
- https://bugzilla.suse.com/1140543
- https://bugzilla.suse.com/1140545
- https://bugzilla.suse.com/1140547
- https://bugzilla.suse.com/1140549
- https://bugzilla.suse.com/1140552
- https://bugzilla.suse.com/1140554
- https://bugzilla.suse.com/1140664
- https://bugzilla.suse.com/1140665
- https://bugzilla.suse.com/1140666
- https://bugzilla.suse.com/1140667
- https://bugzilla.suse.com/1140668
- https://bugzilla.suse.com/1140669
- https://bugzilla.suse.com/1140673
- https://bugzilla.suse.com/1141171
- https://www.suse.com/security/cve/CVE-2019-12974
- https://www.suse.com/security/cve/CVE-2019-12975
- https://www.suse.com/security/cve/CVE-2019-12976
- https://www.suse.com/security/cve/CVE-2019-12977
- https://www.suse.com/security/cve/CVE-2019-12978
- https://www.suse.com/security/cve/CVE-2019-12979
- https://www.suse.com/security/cve/CVE-2019-13133
- https://www.suse.com/security/cve/CVE-2019-13134
- https://www.suse.com/security/cve/CVE-2019-13135
- https://www.suse.com/security/cve/CVE-2019-13136
- https://www.suse.com/security/cve/CVE-2019-13137
- https://www.suse.com/security/cve/CVE-2019-13295
- https://www.suse.com/security/cve/CVE-2019-13296
- https://www.suse.com/security/cve/CVE-2019-13297
- https://www.suse.com/security/cve/CVE-2019-13298
- https://www.suse.com/security/cve/CVE-2019-13299
- https://www.suse.com/security/cve/CVE-2019-13300
- https://www.suse.com/security/cve/CVE-2019-13301
- https://www.suse.com/security/cve/CVE-2019-13302
- https://www.suse.com/security/cve/CVE-2019-13303
- https://www.suse.com/security/cve/CVE-2019-13304
- https://www.suse.com/security/cve/CVE-2019-13305
- https://www.suse.com/security/cve/CVE-2019-13306
- https://www.suse.com/security/cve/CVE-2019-13307
- https://www.suse.com/security/cve/CVE-2019-13308
- https://www.suse.com/security/cve/CVE-2019-13309
- https://www.suse.com/security/cve/CVE-2019-13310
- https://www.suse.com/security/cve/CVE-2019-13311
- https://www.suse.com/security/cve/CVE-2019-13391
- https://www.suse.com/security/cve/CVE-2019-13454
Affected packages
openSUSE:Leap 15.0 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.7.34-lp151.7.9.1
Ecosystem specific
{
"binaries": [
{
"ImageMagick": "7.0.7.34-lp151.7.9.1",
"libMagickWand-7_Q16HDRI6-32bit": "7.0.7.34-lp151.7.9.1",
"libMagick++-devel": "7.0.7.34-lp151.7.9.1",
"libMagickCore-7_Q16HDRI6": "7.0.7.34-lp151.7.9.1",
"ImageMagick-devel-32bit": "7.0.7.34-lp151.7.9.1",
"perl-PerlMagick": "7.0.7.34-lp151.7.9.1",
"libMagick++-7_Q16HDRI4": "7.0.7.34-lp151.7.9.1",
"libMagick++-7_Q16HDRI4-32bit": "7.0.7.34-lp151.7.9.1",
"ImageMagick-config-7-upstream": "7.0.7.34-lp151.7.9.1",
"libMagickWand-7_Q16HDRI6": "7.0.7.34-lp151.7.9.1",
"libMagickCore-7_Q16HDRI6-32bit": "7.0.7.34-lp151.7.9.1",
"libMagick++-devel-32bit": "7.0.7.34-lp151.7.9.1",
"ImageMagick-devel": "7.0.7.34-lp151.7.9.1",
"ImageMagick-extra": "7.0.7.34-lp151.7.9.1",
"ImageMagick-config-7-SUSE": "7.0.7.34-lp151.7.9.1",
"ImageMagick-doc": "7.0.7.34-lp151.7.9.1"
}
]
}
openSUSE:Leap 15.1 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.7.34-lp151.7.9.1
Ecosystem specific
{
"binaries": [
{
"ImageMagick": "7.0.7.34-lp151.7.9.1",
"libMagickWand-7_Q16HDRI6-32bit": "7.0.7.34-lp151.7.9.1",
"libMagick++-devel": "7.0.7.34-lp151.7.9.1",
"libMagickCore-7_Q16HDRI6": "7.0.7.34-lp151.7.9.1",
"ImageMagick-devel-32bit": "7.0.7.34-lp151.7.9.1",
"perl-PerlMagick": "7.0.7.34-lp151.7.9.1",
"libMagick++-7_Q16HDRI4": "7.0.7.34-lp151.7.9.1",
"libMagick++-7_Q16HDRI4-32bit": "7.0.7.34-lp151.7.9.1",
"ImageMagick-config-7-upstream": "7.0.7.34-lp151.7.9.1",
"libMagickWand-7_Q16HDRI6": "7.0.7.34-lp151.7.9.1",
"libMagickCore-7_Q16HDRI6-32bit": "7.0.7.34-lp151.7.9.1",
"libMagick++-devel-32bit": "7.0.7.34-lp151.7.9.1",
"ImageMagick-devel": "7.0.7.34-lp151.7.9.1",
"ImageMagick-extra": "7.0.7.34-lp151.7.9.1",
"ImageMagick-config-7-SUSE": "7.0.7.34-lp151.7.9.1",
"ImageMagick-doc": "7.0.7.34-lp151.7.9.1"
}
]
}