Security update for ImageMagick

Announcement ID:	SUSE-SU-2018:2977-1
Rating:	low
References:	bsc#1106855 bsc#1106857 bsc#1106858 bsc#1106989 bsc#1107604 bsc#1107609 bsc#1107612 bsc#1107616 bsc#1107618 bsc#1107619
Cross-References:	CVE-2018-16323 CVE-2018-16328 CVE-2018-16329 CVE-2018-16413 CVE-2018-16640 CVE-2018-16641 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645
CVSS scores:	CVE-2018-16323 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2018-16323 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2018-16323 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2018-16328 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-16328 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-16329 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-16329 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-16413 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2018-16413 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-16640 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16640 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16641 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16641 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16642 ( SUSE ): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L CVE-2018-16642 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16643 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16643 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16644 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16644 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16645 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16645 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:	Desktop Applications Module 15 Development Tools Module 15 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15

An update that solves 10 vulnerabilities can now be installed.

Description:

This update for ImageMagick fixes the following security issues:

• CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989)
• CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858).
• CVE-2018-16328: Prevent NULL pointer dereference exists in the CheckEventLogging function leading to DoS (bsc#1106857).
• CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855)
• CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616)
• CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619)
• CVE-2018-16641: Prevent memory leak in the TIFFWritePhotoshopLayers function (bsc#1107618).
• CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612)
• CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609)
• CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• Desktop Applications Module 15
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2118=1
• Development Tools Module 15
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2118=1

Package List:

• Desktop Applications Module 15 (aarch64 ppc64le s390x x86_64)
  • libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-3.24.1
  • ImageMagick-7.0.7.34-3.24.1
  • ImageMagick-debuginfo-7.0.7.34-3.24.1
  • libMagickWand-7_Q16HDRI6-7.0.7.34-3.24.1
  • libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-3.24.1
  • libMagick++-7_Q16HDRI4-7.0.7.34-3.24.1
  • ImageMagick-devel-7.0.7.34-3.24.1
  • libMagick++-devel-7.0.7.34-3.24.1
  • libMagickCore-7_Q16HDRI6-7.0.7.34-3.24.1
  • libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-3.24.1
  • ImageMagick-debugsource-7.0.7.34-3.24.1
• Development Tools Module 15 (aarch64 ppc64le s390x x86_64)
  • perl-PerlMagick-debuginfo-7.0.7.34-3.24.1
  • perl-PerlMagick-7.0.7.34-3.24.1
  • ImageMagick-debuginfo-7.0.7.34-3.24.1
  • ImageMagick-debugsource-7.0.7.34-3.24.1

References:

• https://www.suse.com/security/cve/CVE-2018-16323.html
• https://www.suse.com/security/cve/CVE-2018-16328.html
• https://www.suse.com/security/cve/CVE-2018-16329.html
• https://www.suse.com/security/cve/CVE-2018-16413.html
• https://www.suse.com/security/cve/CVE-2018-16640.html
• https://www.suse.com/security/cve/CVE-2018-16641.html
• https://www.suse.com/security/cve/CVE-2018-16642.html
• https://www.suse.com/security/cve/CVE-2018-16643.html
• https://www.suse.com/security/cve/CVE-2018-16644.html
• https://www.suse.com/security/cve/CVE-2018-16645.html
• https://bugzilla.suse.com/show_bug.cgi?id=1106855
• https://bugzilla.suse.com/show_bug.cgi?id=1106857
• https://bugzilla.suse.com/show_bug.cgi?id=1106858
• https://bugzilla.suse.com/show_bug.cgi?id=1106989
• https://bugzilla.suse.com/show_bug.cgi?id=1107604
• https://bugzilla.suse.com/show_bug.cgi?id=1107609
• https://bugzilla.suse.com/show_bug.cgi?id=1107612
• https://bugzilla.suse.com/show_bug.cgi?id=1107616
• https://bugzilla.suse.com/show_bug.cgi?id=1107618
• https://bugzilla.suse.com/show_bug.cgi?id=1107619