Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2016.1705 SUSE Security Updates: Security updates for ImageMagick and GraphicsMagick 12 July 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: ImageMagick GraphicsMagick Publisher: SUSE Operating System: SUSE UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2016-5842 CVE-2016-5841 CVE-2016-5691 CVE-2016-5690 CVE-2016-5689 CVE-2016-5688 CVE-2016-5687 CVE-2016-5241 CVE-2016-5240 CVE-2016-4564 CVE-2016-4563 CVE-2016-4562 CVE-2016-2318 CVE-2016-2317 CVE-2015-8903 CVE-2015-8902 CVE-2015-8901 CVE-2015-8900 CVE-2015-8898 CVE-2015-8897 CVE-2015-8896 CVE-2015-8895 CVE-2015-8894 CVE-2014-9854 CVE-2014-9853 CVE-2014-9852 CVE-2014-9851 CVE-2014-9850 CVE-2014-9849 CVE-2014-9848 CVE-2014-9847 CVE-2014-9846 CVE-2014-9845 CVE-2014-9844 CVE-2014-9843 CVE-2014-9842 CVE-2014-9841 CVE-2014-9840 CVE-2014-9839 CVE-2014-9838 CVE-2014-9837 CVE-2014-9836 CVE-2014-9835 CVE-2014-9834 CVE-2014-9833 CVE-2014-9832 CVE-2014-9831 CVE-2014-9830 CVE-2014-9829 CVE-2014-9828 CVE-2014-9826 CVE-2014-9825 CVE-2014-9824 CVE-2014-9823 CVE-2014-9822 CVE-2014-9821 CVE-2014-9820 CVE-2014-9819 CVE-2014-9818 CVE-2014-9817 CVE-2014-9816 CVE-2014-9815 CVE-2014-9814 CVE-2014-9813 CVE-2014-9812 CVE-2014-9811 CVE-2014-9810 CVE-2014-9809 CVE-2014-9808 CVE-2014-9807 CVE-2014-9806 CVE-2014-9805 Reference: ESB-2016.1535 Comment: This advisory references vulnerabilities in products which run on platforms other than SUSE. It is recommended that administrators running ImageMagick or GraphicsMagick check for an updated version of the software for their operating system. This bulletin contains three (3) SUSE security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1782-1 Rating: important References: #983234 #983253 #983259 #983292 #983305 #983308 #983521 #983523 #983533 #983739 #983746 #983752 #983774 #983794 #983796 #983799 #983803 #984018 #984023 #984028 #984032 #984035 #984135 #984137 #984142 #984144 #984145 #984150 #984160 #984166 #984181 #984184 #984185 #984186 #984187 #984193 #984370 #984372 #984373 #984374 #984375 #984379 #984394 #984398 #984400 #984401 #984408 #984409 #984433 #984436 #985442 #985448 #985451 #985456 #985460 #986608 #986609 Cross-References: CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9842 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9849 CVE-2014-9851 CVE-2014-9853 CVE-2014-9854 CVE-2015-8894 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 57 vulnerabilities is now available. Description: ImageMagick was updated to fix 55 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9836: Crash in xpm file handling (bsc#984023). - CVE-2014-9851: Crash when parsing resource block (bsc#984160). - CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9806: Prevent file descriptr leak due to corrupted file (bsc#983774). - CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370). - CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184). - CVE-2015-8898: Prevent null pointer access in magick/constitute.c (bsc#983746). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739). - CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451). - CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9820: heap overflow in xpm files (bsc#984150). - CVE-2014-9823: heap overflow in palm file (bsc#984401). - CVE-2014-9822: heap overflow in quantum file (bsc#984187). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2014-9824: Heap overflow in psd file (bsc#984185). - CVE-2014-9809: Fix a SEGV due to corrupted xwd images. (bsc#983799). - CVE-2014-9826: Incorrect error handling in sun files (bsc#984186). - CVE-2014-9842: Memory leak in psd handling (bsc#984374). - CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of "previous" image in the JNG decoder (bsc#984144). - CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9849: Crash in png coder (bsc#984018). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2014-9807: Fix a double free in pdb coder. (bsc#983794). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308). - CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305). - CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609). - CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ImageMagick-12643=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ImageMagick-12643=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ImageMagick-12643=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-6.4.3.6-7.45.1 ImageMagick-devel-6.4.3.6-7.45.1 libMagick++-devel-6.4.3.6-7.45.1 libMagick++1-6.4.3.6-7.45.1 libMagickWand1-6.4.3.6-7.45.1 perl-PerlMagick-6.4.3.6-7.45.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libMagickWand1-32bit-6.4.3.6-7.45.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libMagickCore1-6.4.3.6-7.45.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libMagickCore1-32bit-6.4.3.6-7.45.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-debuginfo-6.4.3.6-7.45.1 ImageMagick-debugsource-6.4.3.6-7.45.1 References: https://www.suse.com/security/cve/CVE-2014-9805.html https://www.suse.com/security/cve/CVE-2014-9806.html https://www.suse.com/security/cve/CVE-2014-9807.html https://www.suse.com/security/cve/CVE-2014-9808.html https://www.suse.com/security/cve/CVE-2014-9809.html https://www.suse.com/security/cve/CVE-2014-9810.html https://www.suse.com/security/cve/CVE-2014-9811.html https://www.suse.com/security/cve/CVE-2014-9812.html https://www.suse.com/security/cve/CVE-2014-9813.html https://www.suse.com/security/cve/CVE-2014-9814.html https://www.suse.com/security/cve/CVE-2014-9815.html https://www.suse.com/security/cve/CVE-2014-9816.html https://www.suse.com/security/cve/CVE-2014-9817.html https://www.suse.com/security/cve/CVE-2014-9818.html https://www.suse.com/security/cve/CVE-2014-9819.html https://www.suse.com/security/cve/CVE-2014-9820.html https://www.suse.com/security/cve/CVE-2014-9822.html https://www.suse.com/security/cve/CVE-2014-9823.html https://www.suse.com/security/cve/CVE-2014-9824.html https://www.suse.com/security/cve/CVE-2014-9826.html https://www.suse.com/security/cve/CVE-2014-9828.html https://www.suse.com/security/cve/CVE-2014-9829.html https://www.suse.com/security/cve/CVE-2014-9830.html https://www.suse.com/security/cve/CVE-2014-9831.html https://www.suse.com/security/cve/CVE-2014-9834.html https://www.suse.com/security/cve/CVE-2014-9835.html https://www.suse.com/security/cve/CVE-2014-9836.html https://www.suse.com/security/cve/CVE-2014-9837.html https://www.suse.com/security/cve/CVE-2014-9838.html https://www.suse.com/security/cve/CVE-2014-9839.html https://www.suse.com/security/cve/CVE-2014-9840.html https://www.suse.com/security/cve/CVE-2014-9842.html https://www.suse.com/security/cve/CVE-2014-9844.html https://www.suse.com/security/cve/CVE-2014-9845.html https://www.suse.com/security/cve/CVE-2014-9846.html https://www.suse.com/security/cve/CVE-2014-9847.html https://www.suse.com/security/cve/CVE-2014-9849.html https://www.suse.com/security/cve/CVE-2014-9851.html https://www.suse.com/security/cve/CVE-2014-9853.html https://www.suse.com/security/cve/CVE-2014-9854.html https://www.suse.com/security/cve/CVE-2015-8894.html https://www.suse.com/security/cve/CVE-2015-8896.html https://www.suse.com/security/cve/CVE-2015-8897.html https://www.suse.com/security/cve/CVE-2015-8898.html https://www.suse.com/security/cve/CVE-2015-8901.html https://www.suse.com/security/cve/CVE-2015-8902.html https://www.suse.com/security/cve/CVE-2015-8903.html https://www.suse.com/security/cve/CVE-2016-4562.html https://www.suse.com/security/cve/CVE-2016-4563.html https://www.suse.com/security/cve/CVE-2016-4564.html https://www.suse.com/security/cve/CVE-2016-5687.html https://www.suse.com/security/cve/CVE-2016-5688.html https://www.suse.com/security/cve/CVE-2016-5689.html https://www.suse.com/security/cve/CVE-2016-5690.html https://www.suse.com/security/cve/CVE-2016-5691.html https://www.suse.com/security/cve/CVE-2016-5841.html https://www.suse.com/security/cve/CVE-2016-5842.html https://bugzilla.suse.com/983234 https://bugzilla.suse.com/983253 https://bugzilla.suse.com/983259 https://bugzilla.suse.com/983292 https://bugzilla.suse.com/983305 https://bugzilla.suse.com/983308 https://bugzilla.suse.com/983521 https://bugzilla.suse.com/983523 https://bugzilla.suse.com/983533 https://bugzilla.suse.com/983739 https://bugzilla.suse.com/983746 https://bugzilla.suse.com/983752 https://bugzilla.suse.com/983774 https://bugzilla.suse.com/983794 https://bugzilla.suse.com/983796 https://bugzilla.suse.com/983799 https://bugzilla.suse.com/983803 https://bugzilla.suse.com/984018 https://bugzilla.suse.com/984023 https://bugzilla.suse.com/984028 https://bugzilla.suse.com/984032 https://bugzilla.suse.com/984035 https://bugzilla.suse.com/984135 https://bugzilla.suse.com/984137 https://bugzilla.suse.com/984142 https://bugzilla.suse.com/984144 https://bugzilla.suse.com/984145 https://bugzilla.suse.com/984150 https://bugzilla.suse.com/984160 https://bugzilla.suse.com/984166 https://bugzilla.suse.com/984181 https://bugzilla.suse.com/984184 https://bugzilla.suse.com/984185 https://bugzilla.suse.com/984186 https://bugzilla.suse.com/984187 https://bugzilla.suse.com/984193 https://bugzilla.suse.com/984370 https://bugzilla.suse.com/984372 https://bugzilla.suse.com/984373 https://bugzilla.suse.com/984374 https://bugzilla.suse.com/984375 https://bugzilla.suse.com/984379 https://bugzilla.suse.com/984394 https://bugzilla.suse.com/984398 https://bugzilla.suse.com/984400 https://bugzilla.suse.com/984401 https://bugzilla.suse.com/984408 https://bugzilla.suse.com/984409 https://bugzilla.suse.com/984433 https://bugzilla.suse.com/984436 https://bugzilla.suse.com/985442 https://bugzilla.suse.com/985448 https://bugzilla.suse.com/985451 https://bugzilla.suse.com/985456 https://bugzilla.suse.com/985460 https://bugzilla.suse.com/986608 https://bugzilla.suse.com/986609 - --- SUSE Security Update: Security update for GraphicsMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1783-1 Rating: important References: #965853 #983234 #983259 #983309 #983455 #983521 #983523 #983533 #983752 #983794 #983796 #983799 #983803 #984028 #984032 #984035 #984135 #984142 #984144 #984145 #984150 #984166 #984181 #984193 #984372 #984373 #984375 #984379 #984394 #984398 #984400 #984408 #984409 #984433 #984436 #985442 Cross-References: CVE-2014-9805 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9834 CVE-2014-9835 CVE-2014-9837 CVE-2014-9839 CVE-2014-9840 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9853 CVE-2015-8894 CVE-2015-8896 CVE-2015-8901 CVE-2015-8903 CVE-2016-2317 CVE-2016-2318 CVE-2016-5240 CVE-2016-5241 CVE-2016-5688 Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 37 vulnerabilities is now available. Description: GraphicsMagick was updated to fix 37 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2014-9807: Double free in pdb coder. (bsc#983794). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2014-9805: SEGV due to a corrupted pnm file (bsc#983752). - CVE-2014-9808: SEGV due to corrupted dpc images (bsc#983796). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799). - CVE-2016-5240: SVG converting issue resulting in DoS (endless loop) (bsc#983309). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of "previous" image in the JNG decoder (bsc#984144). - CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion (bsc#983455). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521). - CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853). - CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-GraphicsMagick-12644=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-GraphicsMagick-12644=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-GraphicsMagick-12644=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.3 (x86_64): GraphicsMagick-1.2.5-4.41.1 libGraphicsMagick2-1.2.5-4.41.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): GraphicsMagick-1.2.5-4.41.1 libGraphicsMagick2-1.2.5-4.41.1 perl-GraphicsMagick-1.2.5-4.41.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): GraphicsMagick-debuginfo-1.2.5-4.41.1 GraphicsMagick-debugsource-1.2.5-4.41.1 References: https://www.suse.com/security/cve/CVE-2014-9805.html https://www.suse.com/security/cve/CVE-2014-9807.html https://www.suse.com/security/cve/CVE-2014-9808.html https://www.suse.com/security/cve/CVE-2014-9809.html https://www.suse.com/security/cve/CVE-2014-9810.html https://www.suse.com/security/cve/CVE-2014-9811.html https://www.suse.com/security/cve/CVE-2014-9813.html https://www.suse.com/security/cve/CVE-2014-9814.html https://www.suse.com/security/cve/CVE-2014-9815.html https://www.suse.com/security/cve/CVE-2014-9816.html https://www.suse.com/security/cve/CVE-2014-9817.html https://www.suse.com/security/cve/CVE-2014-9818.html https://www.suse.com/security/cve/CVE-2014-9819.html https://www.suse.com/security/cve/CVE-2014-9820.html https://www.suse.com/security/cve/CVE-2014-9828.html https://www.suse.com/security/cve/CVE-2014-9829.html https://www.suse.com/security/cve/CVE-2014-9830.html https://www.suse.com/security/cve/CVE-2014-9831.html https://www.suse.com/security/cve/CVE-2014-9834.html https://www.suse.com/security/cve/CVE-2014-9835.html https://www.suse.com/security/cve/CVE-2014-9837.html https://www.suse.com/security/cve/CVE-2014-9839.html https://www.suse.com/security/cve/CVE-2014-9840.html https://www.suse.com/security/cve/CVE-2014-9844.html https://www.suse.com/security/cve/CVE-2014-9845.html https://www.suse.com/security/cve/CVE-2014-9846.html https://www.suse.com/security/cve/CVE-2014-9847.html https://www.suse.com/security/cve/CVE-2014-9853.html https://www.suse.com/security/cve/CVE-2015-8894.html https://www.suse.com/security/cve/CVE-2015-8896.html https://www.suse.com/security/cve/CVE-2015-8901.html https://www.suse.com/security/cve/CVE-2015-8903.html https://www.suse.com/security/cve/CVE-2016-2317.html https://www.suse.com/security/cve/CVE-2016-2318.html https://www.suse.com/security/cve/CVE-2016-5240.html https://www.suse.com/security/cve/CVE-2016-5241.html https://www.suse.com/security/cve/CVE-2016-5688.html https://bugzilla.suse.com/965853 https://bugzilla.suse.com/983234 https://bugzilla.suse.com/983259 https://bugzilla.suse.com/983309 https://bugzilla.suse.com/983455 https://bugzilla.suse.com/983521 https://bugzilla.suse.com/983523 https://bugzilla.suse.com/983533 https://bugzilla.suse.com/983752 https://bugzilla.suse.com/983794 https://bugzilla.suse.com/983796 https://bugzilla.suse.com/983799 https://bugzilla.suse.com/983803 https://bugzilla.suse.com/984028 https://bugzilla.suse.com/984032 https://bugzilla.suse.com/984035 https://bugzilla.suse.com/984135 https://bugzilla.suse.com/984142 https://bugzilla.suse.com/984144 https://bugzilla.suse.com/984145 https://bugzilla.suse.com/984150 https://bugzilla.suse.com/984166 https://bugzilla.suse.com/984181 https://bugzilla.suse.com/984193 https://bugzilla.suse.com/984372 https://bugzilla.suse.com/984373 https://bugzilla.suse.com/984375 https://bugzilla.suse.com/984379 https://bugzilla.suse.com/984394 https://bugzilla.suse.com/984398 https://bugzilla.suse.com/984400 https://bugzilla.suse.com/984408 https://bugzilla.suse.com/984409 https://bugzilla.suse.com/984433 https://bugzilla.suse.com/984436 https://bugzilla.suse.com/985442 - --- SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1784-1 Rating: important References: #983232 #983234 #983253 #983259 #983292 #983305 #983308 #983521 #983523 #983527 #983533 #983739 #983746 #983752 #983774 #983794 #983796 #983799 #983803 #984014 #984018 #984023 #984028 #984032 #984035 #984135 #984137 #984142 #984144 #984145 #984149 #984150 #984160 #984166 #984172 #984179 #984181 #984183 #984184 #984185 #984186 #984187 #984191 #984193 #984370 #984372 #984373 #984374 #984375 #984379 #984394 #984398 #984400 #984401 #984404 #984406 #984408 #984409 #984427 #984433 #984436 #985442 #985448 #985451 #985456 #985460 #986608 #986609 Cross-References: CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 68 vulnerabilities is now available. Description: ImageMagick was updated to fix 66 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler. (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9850: Incorrect thread limit logic (bsc#984149). - CVE-2014-9851: Crash when parsing resource block (bsc#984160). - CVE-2014-9852: Incorrect usage of object after it has been destroyed (bsc#984191). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8900: HDR file DoS (endless loop) (bsc#983232). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9806: Prevent leak of file descriptor due to corrupted file. (bsc#983774). - CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448). - CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370). - CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184). - CVE-2015-8898: Prevent null pointer access in magick/constitute.c (bsc#983746). - CVE-2014-9833: Heap overflow in psd file (bsc#984406). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8895: Integer and Buffer overflow in coders/icon.c (bsc#983527). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739). - CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451). - CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456). - CVE-2014-9836: Crash in xpm file handling (bsc#984023). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9821: Avoid heap overflow in pnm files. (bsc#984014). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9823: Heap overflow in palm file (bsc#984401). - CVE-2014-9822: Heap overflow in quantum file (bsc#984187). - CVE-2014-9825: Heap overflow in corrupted psd file (bsc#984427). - CVE-2014-9824: Heap overflow in psd file (bsc#984185). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799). - CVE-2014-9826: Incorrect error handling in sun files (bsc#984186). - CVE-2014-9843: Incorrect boundary checks in DecodePSDPixels (bsc#984179). - CVE-2014-9842: Memory leak in psd handling (bsc#984374). - CVE-2014-9841: Throwing of exceptions in psd handling (bsc#984172). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of "previous" image in the JNG decoder (bsc#984144). - CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9849: Crash in png coder (bsc#984018). - CVE-2014-9848: Memory leak in quantum management (bsc#984404). - CVE-2014-9807: Double free in pdb coder. (bsc#983794). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9832: Heap overflow in pcx file (bsc#984183). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308). - CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305). - CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609). - CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1041=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1041=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1041=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1041=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): ImageMagick-6.8.8.1-30.2 ImageMagick-debuginfo-6.8.8.1-30.2 ImageMagick-debugsource-6.8.8.1-30.2 libMagick++-6_Q16-3-6.8.8.1-30.2 libMagick++-6_Q16-3-debuginfo-6.8.8.1-30.2 libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2 libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-30.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ImageMagick-6.8.8.1-30.2 ImageMagick-debuginfo-6.8.8.1-30.2 ImageMagick-debugsource-6.8.8.1-30.2 ImageMagick-devel-6.8.8.1-30.2 libMagick++-6_Q16-3-6.8.8.1-30.2 libMagick++-6_Q16-3-debuginfo-6.8.8.1-30.2 libMagick++-devel-6.8.8.1-30.2 perl-PerlMagick-6.8.8.1-30.2 perl-PerlMagick-debuginfo-6.8.8.1-30.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): ImageMagick-debuginfo-6.8.8.1-30.2 ImageMagick-debugsource-6.8.8.1-30.2 libMagickCore-6_Q16-1-6.8.8.1-30.2 libMagickCore-6_Q16-1-debuginfo-6.8.8.1-30.2 libMagickWand-6_Q16-1-6.8.8.1-30.2 libMagickWand-6_Q16-1-debuginfo-6.8.8.1-30.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): ImageMagick-6.8.8.1-30.2 ImageMagick-debuginfo-6.8.8.1-30.2 ImageMagick-debugsource-6.8.8.1-30.2 libMagick++-6_Q16-3-6.8.8.1-30.2 libMagick++-6_Q16-3-debuginfo-6.8.8.1-30.2 libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2 libMagickCore-6_Q16-1-6.8.8.1-30.2 libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-30.2 libMagickCore-6_Q16-1-debuginfo-6.8.8.1-30.2 libMagickWand-6_Q16-1-6.8.8.1-30.2 libMagickWand-6_Q16-1-debuginfo-6.8.8.1-30.2 References: https://www.suse.com/security/cve/CVE-2014-9805.html https://www.suse.com/security/cve/CVE-2014-9806.html https://www.suse.com/security/cve/CVE-2014-9807.html https://www.suse.com/security/cve/CVE-2014-9808.html https://www.suse.com/security/cve/CVE-2014-9809.html https://www.suse.com/security/cve/CVE-2014-9810.html https://www.suse.com/security/cve/CVE-2014-9811.html https://www.suse.com/security/cve/CVE-2014-9812.html https://www.suse.com/security/cve/CVE-2014-9813.html https://www.suse.com/security/cve/CVE-2014-9814.html https://www.suse.com/security/cve/CVE-2014-9815.html https://www.suse.com/security/cve/CVE-2014-9816.html https://www.suse.com/security/cve/CVE-2014-9817.html https://www.suse.com/security/cve/CVE-2014-9818.html https://www.suse.com/security/cve/CVE-2014-9819.html https://www.suse.com/security/cve/CVE-2014-9820.html https://www.suse.com/security/cve/CVE-2014-9821.html https://www.suse.com/security/cve/CVE-2014-9822.html https://www.suse.com/security/cve/CVE-2014-9823.html https://www.suse.com/security/cve/CVE-2014-9824.html https://www.suse.com/security/cve/CVE-2014-9825.html https://www.suse.com/security/cve/CVE-2014-9826.html https://www.suse.com/security/cve/CVE-2014-9828.html https://www.suse.com/security/cve/CVE-2014-9829.html https://www.suse.com/security/cve/CVE-2014-9830.html https://www.suse.com/security/cve/CVE-2014-9831.html https://www.suse.com/security/cve/CVE-2014-9832.html https://www.suse.com/security/cve/CVE-2014-9833.html https://www.suse.com/security/cve/CVE-2014-9834.html https://www.suse.com/security/cve/CVE-2014-9835.html https://www.suse.com/security/cve/CVE-2014-9836.html https://www.suse.com/security/cve/CVE-2014-9837.html https://www.suse.com/security/cve/CVE-2014-9838.html https://www.suse.com/security/cve/CVE-2014-9839.html https://www.suse.com/security/cve/CVE-2014-9840.html https://www.suse.com/security/cve/CVE-2014-9841.html https://www.suse.com/security/cve/CVE-2014-9842.html https://www.suse.com/security/cve/CVE-2014-9843.html https://www.suse.com/security/cve/CVE-2014-9844.html https://www.suse.com/security/cve/CVE-2014-9845.html https://www.suse.com/security/cve/CVE-2014-9846.html https://www.suse.com/security/cve/CVE-2014-9847.html https://www.suse.com/security/cve/CVE-2014-9848.html https://www.suse.com/security/cve/CVE-2014-9849.html https://www.suse.com/security/cve/CVE-2014-9850.html https://www.suse.com/security/cve/CVE-2014-9851.html https://www.suse.com/security/cve/CVE-2014-9852.html https://www.suse.com/security/cve/CVE-2014-9853.html https://www.suse.com/security/cve/CVE-2014-9854.html https://www.suse.com/security/cve/CVE-2015-8894.html https://www.suse.com/security/cve/CVE-2015-8895.html https://www.suse.com/security/cve/CVE-2015-8896.html https://www.suse.com/security/cve/CVE-2015-8897.html https://www.suse.com/security/cve/CVE-2015-8898.html https://www.suse.com/security/cve/CVE-2015-8900.html https://www.suse.com/security/cve/CVE-2015-8901.html https://www.suse.com/security/cve/CVE-2015-8902.html https://www.suse.com/security/cve/CVE-2015-8903.html https://www.suse.com/security/cve/CVE-2016-4562.html https://www.suse.com/security/cve/CVE-2016-4563.html https://www.suse.com/security/cve/CVE-2016-4564.html https://www.suse.com/security/cve/CVE-2016-5687.html https://www.suse.com/security/cve/CVE-2016-5688.html https://www.suse.com/security/cve/CVE-2016-5689.html https://www.suse.com/security/cve/CVE-2016-5690.html https://www.suse.com/security/cve/CVE-2016-5691.html https://www.suse.com/security/cve/CVE-2016-5841.html https://www.suse.com/security/cve/CVE-2016-5842.html https://bugzilla.suse.com/983232 https://bugzilla.suse.com/983234 https://bugzilla.suse.com/983253 https://bugzilla.suse.com/983259 https://bugzilla.suse.com/983292 https://bugzilla.suse.com/983305 https://bugzilla.suse.com/983308 https://bugzilla.suse.com/983521 https://bugzilla.suse.com/983523 https://bugzilla.suse.com/983527 https://bugzilla.suse.com/983533 https://bugzilla.suse.com/983739 https://bugzilla.suse.com/983746 https://bugzilla.suse.com/983752 https://bugzilla.suse.com/983774 https://bugzilla.suse.com/983794 https://bugzilla.suse.com/983796 https://bugzilla.suse.com/983799 https://bugzilla.suse.com/983803 https://bugzilla.suse.com/984014 https://bugzilla.suse.com/984018 https://bugzilla.suse.com/984023 https://bugzilla.suse.com/984028 https://bugzilla.suse.com/984032 https://bugzilla.suse.com/984035 https://bugzilla.suse.com/984135 https://bugzilla.suse.com/984137 https://bugzilla.suse.com/984142 https://bugzilla.suse.com/984144 https://bugzilla.suse.com/984145 https://bugzilla.suse.com/984149 https://bugzilla.suse.com/984150 https://bugzilla.suse.com/984160 https://bugzilla.suse.com/984166 https://bugzilla.suse.com/984172 https://bugzilla.suse.com/984179 https://bugzilla.suse.com/984181 https://bugzilla.suse.com/984183 https://bugzilla.suse.com/984184 https://bugzilla.suse.com/984185 https://bugzilla.suse.com/984186 https://bugzilla.suse.com/984187 https://bugzilla.suse.com/984191 https://bugzilla.suse.com/984193 https://bugzilla.suse.com/984370 https://bugzilla.suse.com/984372 https://bugzilla.suse.com/984373 https://bugzilla.suse.com/984374 https://bugzilla.suse.com/984375 https://bugzilla.suse.com/984379 https://bugzilla.suse.com/984394 https://bugzilla.suse.com/984398 https://bugzilla.suse.com/984400 https://bugzilla.suse.com/984401 https://bugzilla.suse.com/984404 https://bugzilla.suse.com/984406 https://bugzilla.suse.com/984408 https://bugzilla.suse.com/984409 https://bugzilla.suse.com/984427 https://bugzilla.suse.com/984433 https://bugzilla.suse.com/984436 https://bugzilla.suse.com/985442 https://bugzilla.suse.com/985448 https://bugzilla.suse.com/985451 https://bugzilla.suse.com/985456 https://bugzilla.suse.com/985460 https://bugzilla.suse.com/986608 https://bugzilla.suse.com/986609 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBV4Rl3ox+lLeg9Ub1AQgjMxAAlO3DET0ykEw+JIQhnW8FiXC9Db6Vi4wC UirHFpv74UJRYEYSyltNmkAcJLOTYkDNNCNfML5EApN2yIaLHkvBl5v9OOP2lYKp tUVGo20XaSb6S4k8hNoB0MH5vArxYIG0MAcnm/ZSK3LoqmJPuLLMMjD+B+zxqIsK tTd+/Olh6zuVVm+5Nfe8SEJGDO+RvyQryqRIKlhT4uZbRjQPaJwqCuhYaFk7pj5N /5VNRKByc0mSyitvEFTtS+xnF1WaSOB/PdFLgpEfJEEGdsBc83ynmC1fXL/8cNo7 7NOZ2Yi/0fDeY2NAT7yeJnRq4UAiHQdKGtbgFxOcjyhJ/ge6iutKE0+PhHo2GegH IF8NaKhTbjQ3ZtayrYHGE9CVdMRPB/ef9xv4DGjpUuDfD9IAYwOUNG1FaWJAwkd3 MJn1UVT17SOLB63LzNqWe4LGVeekv2PePrGPzgvd/AiV/q3KCnsFLmiLrtgBN6wV Inz08NNuG//5CbQFMPo+3OGbJmIl/cL7l0Pq35Plh/6CpZwyYJJMVEAeoDSSgerv 7uue2nqY9afifYPieI7704KwRLvuWz8I44xB183ZHMhdUpzwu9td8lwwmj13DHs1 1GIQcuyaig/OCtAGuU910N9B1XzwolrIR/juiARgznU0XPXt5DTJnKrqeFgjsWjU dvsq71YKO4c= =e8Vz -----END PGP SIGNATURE-----