Security update for ImageMagick SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2017:2199-1 Final 1 1 2017-08-17T06:40:29Z current 2017-08-17T06:40:29Z 2017-08-17T06:40:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ImageMagick This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-9439: A memory leak was found in the function ReadPDBImage incoders/pdb.c (bsc#1042826) - CVE-2017-9440: A memory leak was found in the function ReadPSDChannelin coders/psd.c (bsc#1042812) - CVE-2017-9501: An assertion failure could cause a denial of service via a crafted file (bsc#1043289) - CVE-2017-11403: ReadMNGImage function in coders/png.c has an out-of-order CloseBlob call, resulting in a use-after-free via acrafted file (bsc#1049072) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP2-2017-1343,SUSE-SLE-DESKTOP-12-SP3-2017-1343,SUSE-SLE-RPI-12-SP2-2017-1343,SUSE-SLE-SDK-12-SP2-2017-1343,SUSE-SLE-SDK-12-SP3-2017-1343,SUSE-SLE-SERVER-12-SP2-2017-1343,SUSE-SLE-SERVER-12-SP3-2017-1343,SUSE-SLE-WE-12-SP2-2017-1343,SUSE-SLE-WE-12-SP3-2017-1343 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2017/suse-su-20172199-1/ Link for SUSE-SU-2017:2199-1 https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00053.html E-Mail link for SUSE-SU-2017:2199-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1042812 SUSE Bug 1042812 https://bugzilla.suse.com/1042826 SUSE Bug 1042826 https://bugzilla.suse.com/1043289 SUSE Bug 1043289 https://bugzilla.suse.com/1049072 SUSE Bug 1049072 https://www.suse.com/security/cve/CVE-2017-11403/ SUSE CVE CVE-2017-11403 page https://www.suse.com/security/cve/CVE-2017-9439/ SUSE CVE CVE-2017-9439 page https://www.suse.com/security/cve/CVE-2017-9440/ SUSE CVE CVE-2017-9440 page https://www.suse.com/security/cve/CVE-2017-9501/ SUSE CVE CVE-2017-9501 page SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 ImageMagick-6.8.8.1-71.5.3 libMagick++-6_Q16-3-6.8.8.1-71.5.3 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 ImageMagick-devel-6.8.8.1-71.5.3 libMagick++-devel-6.8.8.1-71.5.3 perl-PerlMagick-6.8.8.1-71.5.3 ImageMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libMagick++-6_Q16-3-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 ImageMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libMagick++-6_Q16-3-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server 12 SP2 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server 12 SP2 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server 12 SP3 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server 12 SP3 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libMagickCore-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libMagickWand-6_Q16-1-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 ImageMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 ImageMagick-devel-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libMagick++-6_Q16-3-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libMagick++-devel-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 perl-PerlMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 ImageMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 ImageMagick-devel-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libMagick++-6_Q16-3-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libMagick++-devel-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 perl-PerlMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 ImageMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 libMagick++-6_Q16-3-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 ImageMagick-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libMagick++-6_Q16-3-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. CVE-2017-11403 SUSE Linux Enterprise Desktop 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20172199-1/ https://www.suse.com/security/cve/CVE-2017-11403.html CVE-2017-11403 https://bugzilla.suse.com/1049072 SUSE Bug 1049072 https://bugzilla.suse.com/1053809 SUSE Bug 1053809 https://bugzilla.suse.com/1053919 SUSE Bug 1053919 https://bugzilla.suse.com/1054600 SUSE Bug 1054600 https://bugzilla.suse.com/1057000 SUSE Bug 1057000 https://bugzilla.suse.com/1084062 SUSE Bug 1084062 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file. CVE-2017-9439 SUSE Linux Enterprise Desktop 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20172199-1/ https://www.suse.com/security/cve/CVE-2017-9439.html CVE-2017-9439 https://bugzilla.suse.com/1042826 SUSE Bug 1042826 https://bugzilla.suse.com/1053919 SUSE Bug 1053919 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file. CVE-2017-9440 SUSE Linux Enterprise Desktop 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20172199-1/ https://www.suse.com/security/cve/CVE-2017-9440.html CVE-2017-9440 https://bugzilla.suse.com/1042812 SUSE Bug 1042812 https://bugzilla.suse.com/1053919 SUSE Bug 1053919 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. CVE-2017-9501 SUSE Linux Enterprise Desktop 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP2:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.5.3 SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP2:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.5.3 SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20172199-1/ https://www.suse.com/security/cve/CVE-2017-9501.html CVE-2017-9501 https://bugzilla.suse.com/1043289 SUSE Bug 1043289 https://bugzilla.suse.com/1053919 SUSE Bug 1053919