SUSE-SU-2021:0153-1 -- SLES ImageMagick, libMagick++-7_Q16HDRI4, libMagick++-devel, libMagickCore-7_Q16HDRI6, libMagickWand-7_Q16HDRI6ID: oval:org.secpod.oval:def:89049517 | Date: (C)2023-09-27 (M)2023-11-28 |
Class: PATCH | Family: unix |
This update for ImageMagick fixes the following issues: - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel . - CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage . - CVE-2020-25666: Fixed an outside the range of representable values of type "int" and signed integer overflow . - CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage . - CVE-2020-25675: Fixed an outside the range of representable values of type "long" and integer overflow . - CVE-2020-25676: Fixed an outside the range of representable values of type "long" and integer overflow at MagickCore/pixel.c . - CVE-2020-27750: Fixed a division by zero in MagickCore/colorspace-private.h . - CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c . - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h . - CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h . - CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function . - CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c . - CVE-2020-27756: Fixed a division by zero at MagickCore/geometry.c . - CVE-2020-27757: Fixed an outside the range of representable values of type "unsigned long long" at MagickCore/quantum-private.h . - CVE-2020-27758: Fixed an outside the range of representable values of type "unsigned long long" . - CVE-2020-27759: Fixed an outside the range of representable values of type "int" at MagickCore/quantize.c . - CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c . - CVE-2020-27761: Fixed an outside the range of representable values of type "unsigned long" at coders/palm.c . - CVE-2020-27762: Fixed an outside the range of representable values of type "unsigned char" . - CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c . - CVE-2020-27764: Fixed an outside the range of representable values of type "unsigned long" at MagickCore/statistic.c . - CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c . - CVE-2020-27766: Fixed an outside the range of representable values of type "unsigned long" at MagickCore/statistic.c . - CVE-2020-27767: Fixed an outside the range of representable values of type "float" at MagickCore/quantum.h . - CVE-2020-27768: Fixed an outside the range of representable values of type "unsigned int" at MagickCore/quantum-private.h . - CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c . - CVE-2020-27771: Fixed an outside the range of representable values of type "unsigned char" at coders/pdf.c . - CVE-2020-27772: Fixed an outside the range of representable values of type "unsigned int" at coders/bmp.c . - CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h . - CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c . - CVE-2020-27775: Fixed an outside the range of representable values of type "unsigned char" at MagickCore/quantum.h . - CVE-2020-27776: Fixed an outside the range of representable values of type "unsigned long" at MagickCore/statistic.c . - CVE-2020-29599: Fixed a shell command injection in -authenticate .
Platform: |
SUSE Linux Enterprise Desktop 15 SP2 |
Product: |
ImageMagick |
libMagick++-7_Q16HDRI4 |
libMagick++-devel |
libMagickCore-7_Q16HDRI6 |
libMagickWand-7_Q16HDRI6 |