Security update for ImageMagick SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:2519-1 Final 1 1 2019-11-16T09:23:00Z current 2019-11-16T09:23:00Z 2019-11-16T09:23:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ImageMagick This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage (bsc#1146213). - CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser (bsc#1146212). - CVE-2019-15141: Fixed a divide-by-zero vulnerability in the MeanShiftImage function (bsc#1146211). - CVE-2019-14980: Fixed an application crash resulting from a heap-based buffer over-read in WriteTIFFImage (bsc#1146068). - CVE-2019-14981: Fixed a use after free in the UnmapBlob function (bsc#1146065). - CVE-2019-16708: Fixed a memory leak in magick/xwindow.c (bsc#1151781). - CVE-2019-16709: Fixed a memory leak in coders/dps.c (bsc#1151782). - CVE-2019-16710: Fixed a memory leak in coders/dot.c (bsc#1151783). - CVE-2019-16711: Fixed a memory leak in Huffman2DEncodeImage in coders/ps2.c (bsc#1151784). - CVE-2019-16712: Fixed a memory leak in Huffman2DEncodeImage in coders/ps3.c (bsc#1151785). - CVE-2019-16713: Fixed a memory leak in coders/dot.c (bsc#1151786). This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-2519 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html E-Mail link for openSUSE-SU-2019:2519-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1146065 SUSE Bug 1146065 https://bugzilla.suse.com/1146068 SUSE Bug 1146068 https://bugzilla.suse.com/1146211 SUSE Bug 1146211 https://bugzilla.suse.com/1146212 SUSE Bug 1146212 https://bugzilla.suse.com/1146213 SUSE Bug 1146213 https://bugzilla.suse.com/1151781 SUSE Bug 1151781 https://bugzilla.suse.com/1151782 SUSE Bug 1151782 https://bugzilla.suse.com/1151783 SUSE Bug 1151783 https://bugzilla.suse.com/1151784 SUSE Bug 1151784 https://bugzilla.suse.com/1151785 SUSE Bug 1151785 https://bugzilla.suse.com/1151786 SUSE Bug 1151786 https://www.suse.com/security/cve/CVE-2019-14980/ SUSE CVE CVE-2019-14980 page https://www.suse.com/security/cve/CVE-2019-14981/ SUSE CVE CVE-2019-14981 page https://www.suse.com/security/cve/CVE-2019-15139/ SUSE CVE CVE-2019-15139 page https://www.suse.com/security/cve/CVE-2019-15140/ SUSE CVE CVE-2019-15140 page https://www.suse.com/security/cve/CVE-2019-15141/ SUSE CVE CVE-2019-15141 page https://www.suse.com/security/cve/CVE-2019-16708/ SUSE CVE CVE-2019-16708 page https://www.suse.com/security/cve/CVE-2019-16709/ SUSE CVE CVE-2019-16709 page https://www.suse.com/security/cve/CVE-2019-16710/ SUSE CVE CVE-2019-16710 page https://www.suse.com/security/cve/CVE-2019-16711/ SUSE CVE CVE-2019-16711 page https://www.suse.com/security/cve/CVE-2019-16712/ SUSE CVE CVE-2019-16712 page https://www.suse.com/security/cve/CVE-2019-16713/ SUSE CVE CVE-2019-16713 page openSUSE Leap 15.0 ImageMagick-7.0.7.34-lp150.2.41.1 ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 ImageMagick-devel-7.0.7.34-lp150.2.41.1 ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 ImageMagick-doc-7.0.7.34-lp150.2.41.1 ImageMagick-extra-7.0.7.34-lp150.2.41.1 libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 libMagick++-devel-7.0.7.34-lp150.2.41.1 libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 perl-PerlMagick-7.0.7.34-lp150.2.41.1 ImageMagick-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 ImageMagick-devel-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 ImageMagick-doc-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 ImageMagick-extra-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagick++-devel-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 perl-PerlMagick-7.0.7.34-lp150.2.41.1 as a component of openSUSE Leap 15.0 In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. CVE-2019-14980 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-14980.html CVE-2019-14980 https://bugzilla.suse.com/1146068 SUSE Bug 1146068 In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. CVE-2019-14981 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-14981.html CVE-2019-14981 https://bugzilla.suse.com/1146065 SUSE Bug 1146065 The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. CVE-2019-15139 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-15139.html CVE-2019-15139 https://bugzilla.suse.com/1146213 SUSE Bug 1146213 coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. CVE-2019-15140 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-15140.html CVE-2019-15140 https://bugzilla.suse.com/1146212 SUSE Bug 1146212 WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. CVE-2019-15141 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-15141.html CVE-2019-15141 https://bugzilla.suse.com/1146211 SUSE Bug 1146211 ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. CVE-2019-16708 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-16708.html CVE-2019-16708 https://bugzilla.suse.com/1151781 SUSE Bug 1151781 ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. CVE-2019-16709 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-16709.html CVE-2019-16709 https://bugzilla.suse.com/1151782 SUSE Bug 1151782 ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. CVE-2019-16710 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-16710.html CVE-2019-16710 https://bugzilla.suse.com/1151783 SUSE Bug 1151783 ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. CVE-2019-16711 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-16711.html CVE-2019-16711 https://bugzilla.suse.com/1151784 SUSE Bug 1151784 ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. CVE-2019-16712 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-16712.html CVE-2019-16712 https://bugzilla.suse.com/1151785 SUSE Bug 1151785 ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. CVE-2019-16713 openSUSE Leap 15.0:ImageMagick-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-config-7-upstream-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-doc-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:ImageMagick-extra-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagick++-devel-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.41.1 openSUSE Leap 15.0:perl-PerlMagick-7.0.7.34-lp150.2.41.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html https://www.suse.com/security/cve/CVE-2019-16713.html CVE-2019-16713 https://bugzilla.suse.com/1151786 SUSE Bug 1151786