SUSE-SU-2019:1019-1 -- SLES ImageMagick, libMagick++-7_Q16HDRI4, libMagick++-devel, libMagickCore-7_Q16HDRI6, libMagickWand-7_Q16HDRI6ID: oval:org.secpod.oval:def:89050701 | Date: (C)2023-10-16 (M)2023-10-15 |
Class: PATCH | Family: unix |
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel . - CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage . - CVE-2019-11007: Fixed a heap-based buffer overflow in ReadMNGImage . - CVE-2019-11008: Fixed a heap-based buffer overflow in WriteXWDImage . - Added extra -config- packages with Postscript/EPS/PDF readers still enabled. Removing the PS decoders is used to harden ImageMagick against security issues within ghostscript. Enabling them might impact security. These are two packages that can be selected: - ImageMagick-config-7-SUSE: This has the PS decoders disabled. - ImageMagick-config-7-upstream: This has the PS decoders enabled. Depending on your local needs install either one of them. The default is the -SUSE configuration.
Platform: |
SUSE Linux Enterprise Desktop 15 |
Product: |
ImageMagick |
libMagick++-7_Q16HDRI4 |
libMagick++-devel |
libMagickCore-7_Q16HDRI6 |
libMagickWand-7_Q16HDRI6 |