Security update for lcms2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:3545-1 Final 1 1 2018-10-29T09:59:03Z current 2018-10-29T09:59:03Z 2018-10-29T09:59:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for lcms2 This update for lcms2 fixes the following security issues: - CVE-2016-10165: The Type_MLU_Read function allowed remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggered an out-of-bounds heap read (bsc#1021364). - CVE-2018-16435: A integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. (bsc#1108813) - Ensure that LUT stages match channel count (bsc#1026649). - sanitize input and output channels on MPE profiles (bsc#1026650). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP3-2018-2512,SUSE-SLE-SDK-12-SP3-2018-2512,SUSE-SLE-SERVER-12-SP3-2018-2512 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20183545-1/ Link for SUSE-SU-2018:3545-1 https://lists.suse.com/pipermail/sle-security-updates/2018-October/004806.html E-Mail link for SUSE-SU-2018:3545-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1021364 SUSE Bug 1021364 https://bugzilla.suse.com/1026649 SUSE Bug 1026649 https://bugzilla.suse.com/1026650 SUSE Bug 1026650 https://bugzilla.suse.com/1108813 SUSE Bug 1108813 https://www.suse.com/security/cve/CVE-2016-10165/ SUSE CVE CVE-2016-10165 page https://www.suse.com/security/cve/CVE-2018-16435/ SUSE CVE CVE-2018-16435 page SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 lcms2-2.7-9.7.1 liblcms2-2-2.7-9.7.1 liblcms2-2-32bit-2.7-9.7.1 liblcms2-devel-2.7-9.7.1 lcms2-2.7-9.7.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 liblcms2-2-2.7-9.7.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 liblcms2-2-32bit-2.7-9.7.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 lcms2-2.7-9.7.1 as a component of SUSE Linux Enterprise Server 12 SP3 liblcms2-2-2.7-9.7.1 as a component of SUSE Linux Enterprise Server 12 SP3 liblcms2-2-32bit-2.7-9.7.1 as a component of SUSE Linux Enterprise Server 12 SP3 lcms2-2.7-9.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 liblcms2-2-2.7-9.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 liblcms2-2-32bit-2.7-9.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 liblcms2-devel-2.7-9.7.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. CVE-2016-10165 SUSE Linux Enterprise Desktop 12 SP3:lcms2-2.7-9.7.1 SUSE Linux Enterprise Desktop 12 SP3:liblcms2-2-2.7-9.7.1 SUSE Linux Enterprise Desktop 12 SP3:liblcms2-2-32bit-2.7-9.7.1 SUSE Linux Enterprise Server 12 SP3:lcms2-2.7-9.7.1 SUSE Linux Enterprise Server 12 SP3:liblcms2-2-2.7-9.7.1 SUSE Linux Enterprise Server 12 SP3:liblcms2-2-32bit-2.7-9.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:lcms2-2.7-9.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:liblcms2-2-2.7-9.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:liblcms2-2-32bit-2.7-9.7.1 SUSE Linux Enterprise Software Development Kit 12 SP3:liblcms2-devel-2.7-9.7.1 moderate 4 AV:N/AC:H/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20183545-1/ https://www.suse.com/security/cve/CVE-2016-10165.html CVE-2016-10165 https://bugzilla.suse.com/1021364 SUSE Bug 1021364 https://bugzilla.suse.com/1064069 SUSE Bug 1064069 https://bugzilla.suse.com/1070162 SUSE Bug 1070162 Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. CVE-2018-16435 SUSE Linux Enterprise Desktop 12 SP3:lcms2-2.7-9.7.1 SUSE Linux Enterprise Desktop 12 SP3:liblcms2-2-2.7-9.7.1 SUSE Linux Enterprise Desktop 12 SP3:liblcms2-2-32bit-2.7-9.7.1 SUSE Linux Enterprise Server 12 SP3:lcms2-2.7-9.7.1 SUSE Linux Enterprise Server 12 SP3:liblcms2-2-2.7-9.7.1 SUSE Linux Enterprise Server 12 SP3:liblcms2-2-32bit-2.7-9.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:lcms2-2.7-9.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:liblcms2-2-2.7-9.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:liblcms2-2-32bit-2.7-9.7.1 SUSE Linux Enterprise Software Development Kit 12 SP3:liblcms2-devel-2.7-9.7.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20183545-1/ https://www.suse.com/security/cve/CVE-2018-16435.html CVE-2018-16435 https://bugzilla.suse.com/1108813 SUSE Bug 1108813