Security update for ImageMagick

Announcement ID:	SUSE-SU-2016:2667-1
Rating:	moderate
References:	bsc#1000394 bsc#1000399 bsc#1000434 bsc#1000436 bsc#1000686 bsc#1000688 bsc#1000689 bsc#1000690 bsc#1000691 bsc#1000692 bsc#1000693 bsc#1000694 bsc#1000695 bsc#1000696 bsc#1000697 bsc#1000698 bsc#1000699 bsc#1000700 bsc#1000701 bsc#1000702 bsc#1000703 bsc#1000704 bsc#1000706 bsc#1000707 bsc#1000708 bsc#1000709 bsc#1000711 bsc#1000712 bsc#1000713 bsc#1000714 bsc#1000715 bsc#1001066 bsc#1001221 bsc#1002206 bsc#1002209 bsc#1002421 bsc#1002422 bsc#1003629 bsc#1005123 bsc#1005125 bsc#1005127 bsc#1005328
Cross-References:	CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540 CVE-2016-7799 CVE-2016-7800 CVE-2016-7996 CVE-2016-7997 CVE-2016-8677 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684
CVSS scores:	CVE-2015-8959 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-6823 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-6823 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-7101 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7101 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7513 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7514 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7515 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7516 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7517 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7518 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7519 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7520 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7521 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7522 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7523 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7524 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7525 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7526 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7526 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7527 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7527 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7528 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7528 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7529 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7530 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7531 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7532 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7533 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7534 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7535 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7537 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7537 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7538 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7539 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-7540 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7799 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7799 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-7800 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-7996 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2016-7997 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-8677 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2016-8682 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-8683 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2016-8684 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1

An update that solves 41 vulnerabilities and has one security fix can now be installed.

Description:

This update for ImageMagick fixes the following issues:

These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.

• CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)
• CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)
• CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)
• CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)
• CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)
• CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)
• CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)
• CVE-2016-7540: writing to RGF format aborts (bsc#1000394)
• CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)
• CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)
• CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)
• CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)
• CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)
• CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)
• CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706)
• CVE-2016-7531: Pbd file out of bound access (bsc#1000704)
• CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)
• CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399)
• CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434)
• CVE-2016-7527: Out-of-bound access in wpg file coder: (bsc#1000436)
• CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702)
• CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)
• CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)
• CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)
• CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)
• CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)
• CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)
• CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)
• CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)
• CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)
• CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692)
• CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)
• CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)
• CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)
• CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)
• CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)
• CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713)
• CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)
• CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)
• CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)
• Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
• Divide by zero in WriteTIFFImage (bsc#1002206)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Desktop 12 SP1
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1572=1
• SUSE Linux Enterprise Software Development Kit 12 SP1
  zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1572=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP1
  zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1572=1
• SUSE Linux Enterprise Server 12 SP1
  zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1572=1
• SUSE Linux Enterprise Workstation Extension 12 SP1
  zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1572=1

Package List:

• SUSE Linux Enterprise Desktop 12 SP1 (x86_64)
  • ImageMagick-6.8.8.1-40.1
  • libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-40.1
  • libMagick++-6_Q16-3-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-6.8.8.1-40.1
  • libMagickWand-6_Q16-1-6.8.8.1-40.1
  • ImageMagick-debugsource-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1
  • ImageMagick-debuginfo-6.8.8.1-40.1
  • libMagick++-6_Q16-3-debuginfo-6.8.8.1-40.1
• SUSE Linux Enterprise Software Development Kit 12 SP1 (ppc64le s390x x86_64)
  • ImageMagick-6.8.8.1-40.1
  • libMagick++-devel-6.8.8.1-40.1
  • libMagick++-6_Q16-3-6.8.8.1-40.1
  • perl-PerlMagick-6.8.8.1-40.1
  • ImageMagick-debugsource-6.8.8.1-40.1
  • ImageMagick-devel-6.8.8.1-40.1
  • ImageMagick-debuginfo-6.8.8.1-40.1
  • libMagick++-6_Q16-3-debuginfo-6.8.8.1-40.1
  • perl-PerlMagick-debuginfo-6.8.8.1-40.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP1 (ppc64le x86_64)
  • libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1
  • libMagickWand-6_Q16-1-6.8.8.1-40.1
  • ImageMagick-debugsource-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1
  • ImageMagick-debuginfo-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-6.8.8.1-40.1
• SUSE Linux Enterprise Server 12 SP1 (ppc64le s390x x86_64)
  • libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1
  • libMagickWand-6_Q16-1-6.8.8.1-40.1
  • ImageMagick-debugsource-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1
  • ImageMagick-debuginfo-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-6.8.8.1-40.1
• SUSE Linux Enterprise Workstation Extension 12 SP1 (x86_64)
  • ImageMagick-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-40.1
  • libMagick++-6_Q16-3-6.8.8.1-40.1
  • ImageMagick-debugsource-6.8.8.1-40.1
  • libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1
  • ImageMagick-debuginfo-6.8.8.1-40.1
  • libMagick++-6_Q16-3-debuginfo-6.8.8.1-40.1

References:

• https://www.suse.com/security/cve/CVE-2014-9907.html
• https://www.suse.com/security/cve/CVE-2015-8957.html
• https://www.suse.com/security/cve/CVE-2015-8958.html
• https://www.suse.com/security/cve/CVE-2015-8959.html
• https://www.suse.com/security/cve/CVE-2016-6823.html
• https://www.suse.com/security/cve/CVE-2016-7101.html
• https://www.suse.com/security/cve/CVE-2016-7513.html
• https://www.suse.com/security/cve/CVE-2016-7514.html
• https://www.suse.com/security/cve/CVE-2016-7515.html
• https://www.suse.com/security/cve/CVE-2016-7516.html
• https://www.suse.com/security/cve/CVE-2016-7517.html
• https://www.suse.com/security/cve/CVE-2016-7518.html
• https://www.suse.com/security/cve/CVE-2016-7519.html
• https://www.suse.com/security/cve/CVE-2016-7520.html
• https://www.suse.com/security/cve/CVE-2016-7521.html
• https://www.suse.com/security/cve/CVE-2016-7522.html
• https://www.suse.com/security/cve/CVE-2016-7523.html
• https://www.suse.com/security/cve/CVE-2016-7524.html
• https://www.suse.com/security/cve/CVE-2016-7525.html
• https://www.suse.com/security/cve/CVE-2016-7526.html
• https://www.suse.com/security/cve/CVE-