SUSE-SU-2018:0349-1: moderate: Security update for ImageMagick

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Feb 2 07:08:14 MST 2018


   SUSE Security Update: Security update for ImageMagick
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:0349-1
Rating:             moderate
References:         #1043353 #1043354 #1047908 #1050037 #1050072 
                    #1050098 #1050100 #1050635 #1051442 #1052470 
                    #1052708 #1052717 #1052721 #1052768 #1052777 
                    #1052781 #1054600 #1055068 #1055374 #1055455 
                    #1055456 #1057000 #1060162 #1062752 #1072362 
                    #1072901 #1074120 #1074125 #1074185 #1074309 
                    #1075939 #1076021 #1076051 
Cross-References:   CVE-2017-10995 CVE-2017-11505 CVE-2017-11525
                    CVE-2017-11526 CVE-2017-11539 CVE-2017-11639
                    CVE-2017-11750 CVE-2017-12565 CVE-2017-12640
                    CVE-2017-12641 CVE-2017-12643 CVE-2017-12671
                    CVE-2017-12673 CVE-2017-12676 CVE-2017-12935
                    CVE-2017-13059 CVE-2017-13141 CVE-2017-13142
                    CVE-2017-13147 CVE-2017-14103 CVE-2017-14649
                    CVE-2017-15218 CVE-2017-17504 CVE-2017-17681
                    CVE-2017-17879 CVE-2017-17884 CVE-2017-17914
                    CVE-2017-18008 CVE-2017-18027 CVE-2017-18029
                    CVE-2017-9261 CVE-2017-9262 CVE-2018-5246
                    CVE-2018-5685
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP3
                    SUSE Linux Enterprise Workstation Extension 12-SP2
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

   An update that fixes 34 vulnerabilities is now available.

Description:

   This update for ImageMagick fixes several issues.

   These security issues were fixed:

   - CVE-2017-18027: Prevent memory leak vulnerability in the function
     ReadMATImage which allowed remote attackers to cause a denial of service
     via a crafted file (bsc#1076051)
   - CVE-2017-18029: Prevent memory leak in the function ReadMATImage which
     allowed remote attackers to cause a denial of service via a crafted file
     (bsc#1076021)
   - CVE-2017-17681: Prevent infinite loop in the function ReadPSDChannelZip
     in coders/psd.c, which allowed attackers to cause a denial of service
     (CPU exhaustion) via a crafted psd image file (bsc#1072901).
   - CVE-2017-18008: Prevent memory Leak in ReadPWPImage which allowed
     attackers to cause a denial of service via a PWP file (bsc#1074309).
   - CVE-2018-5685: Prevent infinite loop and application hang in the
     ReadBMPImage function. Remote attackers could leverage this
     vulnerability to cause a denial
     of service via an image file with a crafted bit-field mask value
      (bsc#1075939)
   - CVE-2017-11639: Prevent heap-based buffer over-read in the
     WriteCIPImage() function, related to the GetPixelLuma function in
     MagickCore/pixel-accessor.h (bsc#1050635)
   - CVE-2017-11525: Prevent memory consumption in the ReadCINImage function
     that allowed remote attackers to cause a denial of service (bsc#1050098)
   - CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed
     attackers to cause a denial of service (memory leak) via a crafted file
     (bsc#1043353).
   - CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed
     attackers to cause a denial of service (memory leak) via a crafted file
     (bsc#1043354).
   - CVE-2017-10995: The mng_get_long function in coders/png.c allowed remote
     attackers to cause a denial of service (heap-based buffer over-read and
     application crash) via a crafted MNG image (bsc#1047908).
   - CVE-2017-11539: Prevent memory leak in the ReadOnePNGImage() function in
     coders/png.c (bsc#1050037).
   - CVE-2017-11505: The ReadOneJNGImage function in coders/png.c allowed
     remote attackers to cause a denial of service (large loop and CPU
     consumption) via a crafted file (bsc#1050072).
   - CVE-2017-11526: The ReadOneMNGImage function in coders/png.c allowed
     remote attackers to cause a denial of service (large loop and CPU
     consumption) via a crafted file (bsc#1050100).
   - CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed
     remote attackers to cause a denial of service (NULL pointer dereference)
     via a crafted file (bsc#1051442).
   - CVE-2017-12565: Prevent memory leak in the function ReadOneJNGImage in
     coders/png.c, which allowed attackers to cause a denial of service
     (bsc#1052470).
   - CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in
     coders/png.c, which allowed attackers to cause a denial of service
     (bsc#1052708).
   - CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in
     coders/png.c, which allowed attackers to cause a denial of service
     (bsc#1052717).
   - CVE-2017-12671: Added NULL assignment in coders/png.c to prevent an
     invalid free in the function RelinquishMagickMemory in
     MagickCore/memory.c, which allowed attackers to cause a denial of
     service (bsc#1052721).
   - CVE-2017-12643: Prevent a memory exhaustion vulnerability in
     ReadOneJNGImage in coders\png.c (bsc#1052768).
   - CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage
     in coders\png.c (bsc#1052777).
   - CVE-2017-12640: Prevent an out-of-bounds read vulnerability in
     ReadOneMNGImage in coders/png.c (bsc#1052781).
   - CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled
     large MNG images, leading to an invalid memory read in the
     SetImageColorCallBack function in magick/image.c (bsc#1054600).
   - CVE-2017-13059: Prevent memory leak in the function WriteOneJNGImage in
     coders/png.c, which allowed attackers to cause a denial of service
     (WriteJNGImage memory consumption) via a crafted file (bsc#1055068).
   - CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage
     in coders/png.c when a small MNG file has a MEND chunk with a large
     length value (bsc#1055374).
   - CVE-2017-13142: Added additional checks for short files to prevent a
     crafted PNG file from triggering a crash (bsc#1055455).
   - CVE-2017-13141: Prevent memory leak in ReadOnePNGImage in coders/png.c
     (bsc#1055456).
   - CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in
     coders/png.c did not properly manage image pointers after certain error
     conditions, which allowed remote attackers to conduct use-after-free
     attacks via a crafted file, related to a ReadMNGImage out-of-order
     CloseBlob call (bsc#1057000).
   - CVE-2017-14649: ReadOneJNGImage in coders/png.c did not properly
     validate JNG data, leading to a denial of service (assertion failure in
     magick/pixel_cache.c, and application crash) (bsc#1060162).
   - CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c
     (bsc#1062752).
   - CVE-2017-17504: Prevent heap-based buffer over-read via a crafted file
     in Magick_png_read_raw_profile, related to ReadOneMNGImage (bsc#1072362).
   - CVE-2017-17884: Prevent memory leak in the function WriteOnePNGImage in
     coders/png.c, which allowed attackers to cause a denial of service via a
     crafted PNG image file (bsc#1074120).
   - CVE-2017-17879: Prevent heap-based buffer over-read in ReadOneMNGImage
     in coders/png.c, related to length calculation and caused by an
     off-by-one error (bsc#1074125).
   - CVE-2017-17914: Prevent crafted files to cause a large loop in
     ReadOneMNGImage (bsc#1074185).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP3:

      zypper in -t patch SUSE-SLE-WE-12-SP3-2018-244=1

   - SUSE Linux Enterprise Workstation Extension 12-SP2:

      zypper in -t patch SUSE-SLE-WE-12-SP2-2018-244=1

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-244=1

   - SUSE Linux Enterprise Software Development Kit 12-SP2:

      zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-244=1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

      zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-244=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-244=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-244=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-244=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-244=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):

      ImageMagick-6.8.8.1-71.33.1
      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-32bit-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):

      ImageMagick-6.8.8.1-71.33.1
      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-32bit-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

      ImageMagick-6.8.8.1-71.33.1
      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      ImageMagick-devel-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.33.1
      libMagick++-devel-6.8.8.1-71.33.1
      perl-PerlMagick-6.8.8.1-71.33.1
      perl-PerlMagick-debuginfo-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

      ImageMagick-6.8.8.1-71.33.1
      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      ImageMagick-devel-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.33.1
      libMagick++-devel-6.8.8.1-71.33.1
      perl-PerlMagick-6.8.8.1-71.33.1
      perl-PerlMagick-debuginfo-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      ImageMagick-6.8.8.1-71.33.1
      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-32bit-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.33.1

   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

      ImageMagick-6.8.8.1-71.33.1
      ImageMagick-debuginfo-6.8.8.1-71.33.1
      ImageMagick-debugsource-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-6.8.8.1-71.33.1
      libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-32bit-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.33.1
      libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-6.8.8.1-71.33.1
      libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.33.1


References:

   https://www.suse.com/security/cve/CVE-2017-10995.html
   https://www.suse.com/security/cve/CVE-2017-11505.html
   https://www.suse.com/security/cve/CVE-2017-11525.html
   https://www.suse.com/security/cve/CVE-2017-11526.html
   https://www.suse.com/security/cve/CVE-2017-11539.html
   https://www.suse.com/security/cve/CVE-2017-11639.html
   https://www.suse.com/security/cve/CVE-2017-11750.html
   https://www.suse.com/security/cve/CVE-2017-12565.html
   https://www.suse.com/security/cve/CVE-2017-12640.html
   https://www.suse.com/security/cve/CVE-2017-12641.html
   https://www.suse.com/security/cve/CVE-2017-12643.html
   https://www.suse.com/security/cve/CVE-2017-12671.html
   https://www.suse.com/security/cve/CVE-2017-12673.html
   https://www.suse.com/security/cve/CVE-2017-12676.html
   https://www.suse.com/security/cve/CVE-2017-12935.html
   https://www.suse.com/security/cve/CVE-2017-13059.html
   https://www.suse.com/security/cve/CVE-2017-13141.html
   https://www.suse.com/security/cve/CVE-2017-13142.html
   https://www.suse.com/security/cve/CVE-2017-13147.html
   https://www.suse.com/security/cve/CVE-2017-14103.html
   https://www.suse.com/security/cve/CVE-2017-14649.html
   https://www.suse.com/security/cve/CVE-2017-15218.html
   https://www.suse.com/security/cve/CVE-2017-17504.html
   https://www.suse.com/security/cve/CVE-2017-17681.html
   https://www.suse.com/security/cve/CVE-2017-17879.html
   https://www.suse.com/security/cve/CVE-2017-17884.html
   https://www.suse.com/security/cve/CVE-2017-17914.html
   https://www.suse.com/security/cve/CVE-2017-18008.html
   https://www.suse.com/security/cve/CVE-2017-18027.html
   https://www.suse.com/security/cve/CVE-2017-18029.html
   https://www.suse.com/security/cve/CVE-2017-9261.html
   https://www.suse.com/security/cve/CVE-2017-9262.html
   https://www.suse.com/security/cve/CVE-2018-5246.html
   https://www.suse.com/security/cve/CVE-2018-5685.html
   https://bugzilla.suse.com/1043353
   https://bugzilla.suse.com/1043354
   https://bugzilla.suse.com/1047908
   https://bugzilla.suse.com/1050037
   https://bugzilla.suse.com/1050072
   https://bugzilla.suse.com/1050098
   https://bugzilla.suse.com/1050100
   https://bugzilla.suse.com/1050635
   https://bugzilla.suse.com/1051442
   https://bugzilla.suse.com/1052470
   https://bugzilla.suse.com/1052708
   https://bugzilla.suse.com/1052717
   https://bugzilla.suse.com/1052721
   https://bugzilla.suse.com/1052768
   https://bugzilla.suse.com/1052777
   https://bugzilla.suse.com/1052781
   https://bugzilla.suse.com/1054600
   https://bugzilla.suse.com/1055068
   https://bugzilla.suse.com/1055374
   https://bugzilla.suse.com/1055455
   https://bugzilla.suse.com/1055456
   https://bugzilla.suse.com/1057000
   https://bugzilla.suse.com/1060162
   https://bugzilla.suse.com/1062752
   https://bugzilla.suse.com/1072362
   https://bugzilla.suse.com/1072901
   https://bugzilla.suse.com/1074120
   https://bugzilla.suse.com/1074125
   https://bugzilla.suse.com/1074185
   https://bugzilla.suse.com/1074309
   https://bugzilla.suse.com/1075939
   https://bugzilla.suse.com/1076021
   https://bugzilla.suse.com/1076051



More information about the sle-updates mailing list