openSUSE-SU-2019:2519-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:2519-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2019:2519-1
- Related
- Published
- 2019-11-16T09:23:00Z
- Modified
- 2019-11-16T09:23:00Z
- Summary
- Security update for ImageMagick
- Details
-
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage (bsc#1146213).
- CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser (bsc#1146212).
- CVE-2019-15141: Fixed a divide-by-zero vulnerability in the MeanShiftImage function (bsc#1146211).
- CVE-2019-14980: Fixed an application crash resulting from a heap-based buffer over-read in WriteTIFFImage (bsc#1146068).
- CVE-2019-14981: Fixed a use after free in the UnmapBlob function (bsc#1146065).
- CVE-2019-16708: Fixed a memory leak in magick/xwindow.c (bsc#1151781).
- CVE-2019-16709: Fixed a memory leak in coders/dps.c (bsc#1151782).
- CVE-2019-16710: Fixed a memory leak in coders/dot.c (bsc#1151783).
- CVE-2019-16711: Fixed a memory leak in Huffman2DEncodeImage in coders/ps2.c (bsc#1151784).
- CVE-2019-16712: Fixed a memory leak in Huffman2DEncodeImage in coders/ps3.c (bsc#1151785).
- CVE-2019-16713: Fixed a memory leak in coders/dot.c (bsc#1151786).
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GGD5GT3XH47ZWIXPD27DWBTDQARZCQQU/#GGD5GT3XH47ZWIXPD27DWBTDQARZCQQU
- https://bugzilla.suse.com/1146065
- https://bugzilla.suse.com/1146068
- https://bugzilla.suse.com/1146211
- https://bugzilla.suse.com/1146212
- https://bugzilla.suse.com/1146213
- https://bugzilla.suse.com/1151781
- https://bugzilla.suse.com/1151782
- https://bugzilla.suse.com/1151783
- https://bugzilla.suse.com/1151784
- https://bugzilla.suse.com/1151785
- https://bugzilla.suse.com/1151786
- https://www.suse.com/security/cve/CVE-2019-14980
- https://www.suse.com/security/cve/CVE-2019-14981
- https://www.suse.com/security/cve/CVE-2019-15139
- https://www.suse.com/security/cve/CVE-2019-15140
- https://www.suse.com/security/cve/CVE-2019-15141
- https://www.suse.com/security/cve/CVE-2019-16708
- https://www.suse.com/security/cve/CVE-2019-16709
- https://www.suse.com/security/cve/CVE-2019-16710
- https://www.suse.com/security/cve/CVE-2019-16711
- https://www.suse.com/security/cve/CVE-2019-16712
- https://www.suse.com/security/cve/CVE-2019-16713
Affected packages
openSUSE:Leap 15.0 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- purl:rpm/suse/ImageMagick&distro=openSUSE%20Leap%2015.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.7.34-lp150.2.41.1
Ecosystem specific
{
"binaries": [
{
"ImageMagick-config-7-upstream": "7.0.7.34-lp150.2.41.1",
"libMagickCore-7_Q16HDRI6": "7.0.7.34-lp150.2.41.1",
"libMagick++-devel-32bit": "7.0.7.34-lp150.2.41.1",
"libMagickWand-7_Q16HDRI6-32bit": "7.0.7.34-lp150.2.41.1",
"libMagickCore-7_Q16HDRI6-32bit": "7.0.7.34-lp150.2.41.1",
"libMagick++-7_Q16HDRI4": "7.0.7.34-lp150.2.41.1",
"libMagick++-devel": "7.0.7.34-lp150.2.41.1",
"libMagickWand-7_Q16HDRI6": "7.0.7.34-lp150.2.41.1",
"ImageMagick-config-7-SUSE": "7.0.7.34-lp150.2.41.1",
"perl-PerlMagick": "7.0.7.34-lp150.2.41.1",
"ImageMagick-devel-32bit": "7.0.7.34-lp150.2.41.1",
"ImageMagick-devel": "7.0.7.34-lp150.2.41.1",
"ImageMagick": "7.0.7.34-lp150.2.41.1",
"libMagick++-7_Q16HDRI4-32bit": "7.0.7.34-lp150.2.41.1",
"ImageMagick-doc": "7.0.7.34-lp150.2.41.1",
"ImageMagick-extra": "7.0.7.34-lp150.2.41.1"
}
]
}