Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-9018 (GCVE-0-2018-9018)
Vulnerability from cvelistv5
Published
2018-03-25 21:00
Modified
2024-08-05 07:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180328 [SECURITY] [DLA 1322-1] graphicsmagick security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"name": "DSA-4321",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "103526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103526"
},
{
"name": "FEDORA-2019-f12cb1ddab",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"name": "FEDORA-2019-210b0a6e4f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-12T03:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20180328 [SECURITY] [DLA 1322-1] graphicsmagick security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"name": "DSA-4321",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "103526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103526"
},
{
"name": "FEDORA-2019-f12cb1ddab",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"name": "FEDORA-2019-210b0a6e4f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180328 [SECURITY] [DLA 1322-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"name": "DSA-4321",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"name": "https://sourceforge.net/p/graphicsmagick/bugs/554/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "103526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103526"
},
{
"name": "FEDORA-2019-f12cb1ddab",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"name": "FEDORA-2019-210b0a6e4f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9018",
"datePublished": "2018-03-25T21:00:00",
"dateReserved": "2018-03-25T00:00:00",
"dateUpdated": "2024-08-05T07:10:47.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-9018\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-25T21:29:00.250\",\"lastModified\":\"2024-11-21T04:14:47.773\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.\"},{\"lang\":\"es\",\"value\":\"En GraphicsMagick 1.3.28 hay una divisi\u00f3n entre cero en la fucnci\u00f3n ReadMNGImage en coders/png.c. Los atacantes remotos podr\u00edan aprovechar esta vulnerabilidad para provocar un cuerre inesperado y una denegaci\u00f3n de servicio (DoS) mediante un archivo mng manipulado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-369\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1057951-C073-4E4E-9930-25F83B54A68C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/103526\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://sourceforge.net/p/graphicsmagick/bugs/554/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4321\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/103526\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://sourceforge.net/p/graphicsmagick/bugs/554/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4321\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
wid-sec-w-2023-0768
Vulnerability from csaf_certbund
Published
2018-03-25 22:00
Modified
2023-03-27 22:00
Summary
GraphicsMagick: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
ImageMagick und GraphicsMagick sind Sammlungen von Programmbibliotheken und Werkzeugen, die Grafiken in zahlreichen Formaten verarbeiten können.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GraphicsMagick ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "niedrig"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "ImageMagick und GraphicsMagick sind Sammlungen von Programmbibliotheken und Werkzeugen, die Grafiken in zahlreichen Formaten verarbeiten k\u00f6nnen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GraphicsMagick ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0768 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2023-0768.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0768 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0768"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5974-1 vom 2023-03-27",
"url": "https://ubuntu.com/security/notices/USN-5974-1"
},
{
"category": "external",
"summary": "National Vulnerability Database vom 2018-03-25",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9018"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1036-1 vom 2018-04-21",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181036-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1129-1 vom 2018-05-03",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181129-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1178-1 vom 2018-05-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181178-1.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4321 vom 2018-10-17",
"url": "http://www.debian.org/security/2018/dsa-4321"
}
],
"source_lang": "en-US",
"title": "GraphicsMagick: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2023-03-27T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:47:24.010+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0768",
"initial_release_date": "2018-03-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2018-03-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-03-25T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-04-22T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2018-05-02T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-05-10T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2018-10-16T22:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2020-01-05T23:00:00.000+00:00",
"number": "7",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-F12CB1DDAB, FEDORA-2019-210B0A6E4F"
},
{
"date": "2023-03-27T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source GraphicsMagick 1.3.28",
"product": {
"name": "Open Source GraphicsMagick 1.3.28",
"product_id": "4505",
"product_identification_helper": {
"cpe": "cpe:/a:graphicsmagick:graphicsmagick:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-9018",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in GraphicsMagick. Die Schwachstelle beruht auf einem \"Division durch Null\" Fehler in der \"ReadMNGImage\" Funktion in [coders/png.c]. Ein entfernter anonymer Angreifer kann dieses durch \u00dcbermitteln geeignet gestalteter Daten zu einem Denial of Service Angriff nutzen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte mng Datei zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"T000126",
"4505"
]
},
"release_date": "2018-03-25T22:00:00.000+00:00",
"title": "CVE-2018-9018"
}
]
}
suse-su-2018:1036-1
Vulnerability from csaf_suse
Published
2018-04-20 13:27
Modified
2018-04-20 13:27
Summary
Security update for GraphicsMagick
Notes
Title of the patch
Security update for GraphicsMagick
Description of the patch
This update for GraphicsMagick fixes the following issues:
- security update (png.c)
* CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c.
Attackers could leverage this vulnerability to cause a crash and denial of service
via a crafted mng file. [bsc#1086773]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (pcd.c)
* CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
which could lead to a denial of service via a crafted file. [bsc#1087037]
Patchnames
sdksp4-GraphicsMagick-13568,slestso13-GraphicsMagick-13568
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for GraphicsMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for GraphicsMagick fixes the following issues:\n\n- security update (png.c)\n * CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c. \n Attackers could leverage this vulnerability to cause a crash and denial of service \n via a crafted mng file. [bsc#1086773]\n\n- security update (gif.c)\n * CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, \n which could lead to denial of service via a crafted file. [bsc#1087027]\n\n\n- security update (pcd.c)\n * CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, \n which could lead to a denial of service via a crafted file. [bsc#1087037]\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-GraphicsMagick-13568,slestso13-GraphicsMagick-13568",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1036-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1036-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181036-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1036-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-April/003951.html"
},
{
"category": "self",
"summary": "SUSE Bug 1086773",
"url": "https://bugzilla.suse.com/1086773"
},
{
"category": "self",
"summary": "SUSE Bug 1087027",
"url": "https://bugzilla.suse.com/1087027"
},
{
"category": "self",
"summary": "SUSE Bug 1087037",
"url": "https://bugzilla.suse.com/1087037"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18251 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18254 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9018 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9018/"
}
],
"title": "Security update for GraphicsMagick",
"tracking": {
"current_release_date": "2018-04-20T13:27:11Z",
"generator": {
"date": "2018-04-20T13:27:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1036-1",
"initial_release_date": "2018-04-20T13:27:11Z",
"revision_history": [
{
"date": "2018-04-20T13:27:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-78.47.1.i586",
"product": {
"name": "GraphicsMagick-1.2.5-78.47.1.i586",
"product_id": "GraphicsMagick-1.2.5-78.47.1.i586"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-78.47.1.i586",
"product": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.i586",
"product_id": "libGraphicsMagick2-1.2.5-78.47.1.i586"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-78.47.1.i586",
"product": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.i586",
"product_id": "perl-GraphicsMagick-1.2.5-78.47.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-78.47.1.ia64",
"product": {
"name": "GraphicsMagick-1.2.5-78.47.1.ia64",
"product_id": "GraphicsMagick-1.2.5-78.47.1.ia64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-78.47.1.ia64",
"product": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.ia64",
"product_id": "libGraphicsMagick2-1.2.5-78.47.1.ia64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"product": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"product_id": "perl-GraphicsMagick-1.2.5-78.47.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-78.47.1.ppc64",
"product": {
"name": "GraphicsMagick-1.2.5-78.47.1.ppc64",
"product_id": "GraphicsMagick-1.2.5-78.47.1.ppc64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"product": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"product_id": "libGraphicsMagick2-1.2.5-78.47.1.ppc64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"product": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"product_id": "perl-GraphicsMagick-1.2.5-78.47.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-78.47.1.s390x",
"product": {
"name": "GraphicsMagick-1.2.5-78.47.1.s390x",
"product_id": "GraphicsMagick-1.2.5-78.47.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-78.47.1.s390x",
"product": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.s390x",
"product_id": "libGraphicsMagick2-1.2.5-78.47.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"product": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"product_id": "perl-GraphicsMagick-1.2.5-78.47.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-78.47.1.x86_64",
"product": {
"name": "GraphicsMagick-1.2.5-78.47.1.x86_64",
"product_id": "GraphicsMagick-1.2.5-78.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"product": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"product_id": "libGraphicsMagick2-1.2.5-78.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"product": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"product_id": "perl-GraphicsMagick-1.2.5-78.47.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Studio Onsite 1.3",
"product": {
"name": "SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-studioonsite:1.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-78.47.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586"
},
"product_reference": "GraphicsMagick-1.2.5-78.47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-78.47.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64"
},
"product_reference": "GraphicsMagick-1.2.5-78.47.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-78.47.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64"
},
"product_reference": "GraphicsMagick-1.2.5-78.47.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-78.47.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x"
},
"product_reference": "GraphicsMagick-1.2.5-78.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-78.47.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64"
},
"product_reference": "GraphicsMagick-1.2.5-78.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586"
},
"product_reference": "libGraphicsMagick2-1.2.5-78.47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64"
},
"product_reference": "libGraphicsMagick2-1.2.5-78.47.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64"
},
"product_reference": "libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x"
},
"product_reference": "libGraphicsMagick2-1.2.5-78.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
},
"product_reference": "libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586"
},
"product_reference": "perl-GraphicsMagick-1.2.5-78.47.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64"
},
"product_reference": "perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64"
},
"product_reference": "perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x"
},
"product_reference": "perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-78.47.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64"
},
"product_reference": "perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-78.47.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64"
},
"product_reference": "GraphicsMagick-1.2.5-78.47.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-78.47.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
},
"product_reference": "libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-18251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18251"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18251",
"url": "https://www.suse.com/security/cve/CVE-2017-18251"
},
{
"category": "external",
"summary": "SUSE Bug 1087037 for CVE-2017-18251",
"url": "https://bugzilla.suse.com/1087037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-04-20T13:27:11Z",
"details": "low"
}
],
"title": "CVE-2017-18251"
},
{
"cve": "CVE-2017-18254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18254",
"url": "https://www.suse.com/security/cve/CVE-2017-18254"
},
{
"category": "external",
"summary": "SUSE Bug 1087027 for CVE-2017-18254",
"url": "https://bugzilla.suse.com/1087027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-04-20T13:27:11Z",
"details": "low"
}
],
"title": "CVE-2017-18254"
},
{
"cve": "CVE-2018-9018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9018"
}
],
"notes": [
{
"category": "general",
"text": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9018",
"url": "https://www.suse.com/security/cve/CVE-2018-9018"
},
{
"category": "external",
"summary": "SUSE Bug 1086773 for CVE-2018-9018",
"url": "https://bugzilla.suse.com/1086773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-78.47.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-78.47.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-78.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-04-20T13:27:11Z",
"details": "low"
}
],
"title": "CVE-2018-9018"
}
]
}
suse-su-2018:1178-1
Vulnerability from csaf_suse
Published
2018-05-09 11:30
Modified
2018-05-09 11:30
Summary
Security update for ImageMagick
Notes
Title of the patch
Security update for ImageMagick
Description of the patch
This update for ImageMagick fixes the following issues:
- CVE-2017-14325: In ImageMagick, a memory leak vulnerability was found in
the function PersistPixelCache in magick/cache.c, which allowed attackers
to cause a denial of service (memory consumption in ReadMPCImage in
coders/mpc.c) via a crafted file. [bsc#1058635]
- CVE-2017-17887: In ImageMagick, a memory leak vulnerability was found
in the function GetImagePixelCache in magick/cache.c, which allowed
attackers to cause a denial of service via a crafted MNG image file that
is processed by ReadOneMNGImage. [bsc#1074117]
- CVE-2017-18250: A NULL pointer dereference vulnerability was found in the function
LogOpenCLBuildFailure in MagickCore/opencl.c, which could lead to a denial of service
via a crafted file. [bsc#1087039]
- CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
which could lead to a denial of service via a crafted file. [bsc#1087037]
- CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow
attackers to cause a denial of service via a crafted file. [bsc#1087033]
- CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
which could lead to denial of service via a crafted file. [bsc#1087027]
- CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in
ImageMagick did not properly restrict memory allocation, leading to a
heap-based buffer over-read. [bsc#1086782]
- CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c.
Attackers could leverage this vulnerability to cause a crash and denial of service
via a crafted mng file. [bsc#1086773]
- CVE-2018-9135: heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c
could lead to denial of service. [bsc#1087825]
- CVE-2018-10177: In ImageMagick, there was an infinite loop in the
ReadOneMNGImage function of the coders/png.c file. Remote attackers
could leverage this vulnerability to cause a denial of service via a
crafted mng file. [bsc#1089781]
- CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c
could allow attackers to obtain sensitive information from process memory or possibly have
unspecified other impact via a crafted SVG document that is mishandled in the
GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]
Patchnames
SUSE-SLE-DESKTOP-12-SP3-2018-818,SUSE-SLE-SDK-12-SP3-2018-818,SUSE-SLE-SERVER-12-SP3-2018-818,SUSE-SLE-WE-12-SP3-2018-818
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ImageMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ImageMagick fixes the following issues:\n\n- CVE-2017-14325: In ImageMagick, a memory leak vulnerability was found in\n the function PersistPixelCache in magick/cache.c, which allowed attackers\n to cause a denial of service (memory consumption in ReadMPCImage in\n coders/mpc.c) via a crafted file. [bsc#1058635]\n- CVE-2017-17887: In ImageMagick, a memory leak vulnerability was found\n in the function GetImagePixelCache in magick/cache.c, which allowed\n attackers to cause a denial of service via a crafted MNG image file that\n is processed by ReadOneMNGImage. [bsc#1074117]\n- CVE-2017-18250: A NULL pointer dereference vulnerability was found in the function \n LogOpenCLBuildFailure in MagickCore/opencl.c, which could lead to a denial of service \n via a crafted file. [bsc#1087039]\n- CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, \n which could lead to a denial of service via a crafted file. [bsc#1087037]\n- CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow \n attackers to cause a denial of service via a crafted file. [bsc#1087033]\n- CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, \n which could lead to denial of service via a crafted file. [bsc#1087027]\n- CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in\n ImageMagick did not properly restrict memory allocation, leading to a\n heap-based buffer over-read. [bsc#1086782]\n- CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c. \n Attackers could leverage this vulnerability to cause a crash and denial of service \n via a crafted mng file. [bsc#1086773]\n- CVE-2018-9135: heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c \n could lead to denial of service. [bsc#1087825]\n- CVE-2018-10177: In ImageMagick, there was an infinite loop in the\n ReadOneMNGImage function of the coders/png.c file. Remote attackers\n could leverage this vulnerability to cause a denial of service via a\n crafted mng file. [bsc#1089781]\n- CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c \n could allow attackers to obtain sensitive information from process memory or possibly have \n unspecified other impact via a crafted SVG document that is mishandled in the \n GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-818,SUSE-SLE-SDK-12-SP3-2018-818,SUSE-SLE-SERVER-12-SP3-2018-818,SUSE-SLE-WE-12-SP3-2018-818",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1178-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1178-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181178-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1178-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/003983.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047356",
"url": "https://bugzilla.suse.com/1047356"
},
{
"category": "self",
"summary": "SUSE Bug 1058635",
"url": "https://bugzilla.suse.com/1058635"
},
{
"category": "self",
"summary": "SUSE Bug 1074117",
"url": "https://bugzilla.suse.com/1074117"
},
{
"category": "self",
"summary": "SUSE Bug 1086773",
"url": "https://bugzilla.suse.com/1086773"
},
{
"category": "self",
"summary": "SUSE Bug 1086782",
"url": "https://bugzilla.suse.com/1086782"
},
{
"category": "self",
"summary": "SUSE Bug 1087027",
"url": "https://bugzilla.suse.com/1087027"
},
{
"category": "self",
"summary": "SUSE Bug 1087033",
"url": "https://bugzilla.suse.com/1087033"
},
{
"category": "self",
"summary": "SUSE Bug 1087037",
"url": "https://bugzilla.suse.com/1087037"
},
{
"category": "self",
"summary": "SUSE Bug 1087039",
"url": "https://bugzilla.suse.com/1087039"
},
{
"category": "self",
"summary": "SUSE Bug 1087825",
"url": "https://bugzilla.suse.com/1087825"
},
{
"category": "self",
"summary": "SUSE Bug 1089781",
"url": "https://bugzilla.suse.com/1089781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000476 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10928 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11450 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14325 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17887 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18250 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18251 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18252 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18254 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10177 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8960 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9018 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9135 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9135/"
}
],
"title": "Security update for ImageMagick",
"tracking": {
"current_release_date": "2018-05-09T11:30:27Z",
"generator": {
"date": "2018-05-09T11:30:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1178-1",
"initial_release_date": "2018-05-09T11:30:27Z",
"revision_history": [
{
"date": "2018-05-09T11:30:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "ImageMagick-6.8.8.1-71.54.5.aarch64",
"product_id": "ImageMagick-6.8.8.1-71.54.5.aarch64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"product_id": "ImageMagick-devel-6.8.8.1-71.54.5.aarch64"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"product_id": "libMagick++-devel-6.8.8.1-71.54.5.aarch64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"product_id": "perl-PerlMagick-6.8.8.1-71.54.5.aarch64"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "ImageMagick-6.8.8.1-71.54.5.ppc64le",
"product_id": "ImageMagick-6.8.8.1-71.54.5.ppc64le"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"product_id": "ImageMagick-devel-6.8.8.1-71.54.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"product_id": "libMagick++-devel-6.8.8.1-71.54.5.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"product_id": "perl-PerlMagick-6.8.8.1-71.54.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.54.5.s390x",
"product": {
"name": "ImageMagick-6.8.8.1-71.54.5.s390x",
"product_id": "ImageMagick-6.8.8.1-71.54.5.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"product_id": "ImageMagick-devel-6.8.8.1-71.54.5.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.54.5.s390x",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.s390x",
"product_id": "libMagick++-devel-6.8.8.1-71.54.5.s390x"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"product_id": "perl-PerlMagick-6.8.8.1-71.54.5.s390x"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "ImageMagick-6.8.8.1-71.54.5.x86_64",
"product_id": "ImageMagick-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"product_id": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"product_id": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"product_id": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"product_id": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"product_id": "ImageMagick-devel-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"product_id": "libMagick++-devel-6.8.8.1-71.54.5.x86_64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"product": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"product_id": "perl-PerlMagick-6.8.8.1-71.54.5.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "ImageMagick-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "ImageMagick-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "ImageMagick-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x"
},
"product_reference": "ImageMagick-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "ImageMagick-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x"
},
"product_reference": "ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x"
},
"product_reference": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x"
},
"product_reference": "libMagick++-devel-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x"
},
"product_reference": "perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "ImageMagick-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
},
"product_reference": "libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000476"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000476",
"url": "https://www.suse.com/security/cve/CVE-2017-1000476"
},
{
"category": "external",
"summary": "SUSE Bug 1074610 for CVE-2017-1000476",
"url": "https://bugzilla.suse.com/1074610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "important"
}
],
"title": "CVE-2017-1000476"
},
{
"cve": "CVE-2017-10928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10928"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10928",
"url": "https://www.suse.com/security/cve/CVE-2017-10928"
},
{
"category": "external",
"summary": "SUSE Bug 1047356 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1047356"
},
{
"category": "external",
"summary": "SUSE Bug 1047359 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1047359"
},
{
"category": "external",
"summary": "SUSE Bug 1056277 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1056277"
},
{
"category": "external",
"summary": "SUSE Bug 1060176 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1060176"
},
{
"category": "external",
"summary": "SUSE Bug 1096261 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1096261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "moderate"
}
],
"title": "CVE-2017-10928"
},
{
"cve": "CVE-2017-11450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11450"
}
],
"notes": [
{
"category": "general",
"text": "coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11450",
"url": "https://www.suse.com/security/cve/CVE-2017-11450"
},
{
"category": "external",
"summary": "SUSE Bug 1049374 for CVE-2017-11450",
"url": "https://bugzilla.suse.com/1049374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "moderate"
}
],
"title": "CVE-2017-11450"
},
{
"cve": "CVE-2017-14325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14325"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14325",
"url": "https://www.suse.com/security/cve/CVE-2017-14325"
},
{
"category": "external",
"summary": "SUSE Bug 1058635 for CVE-2017-14325",
"url": "https://bugzilla.suse.com/1058635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2017-14325"
},
{
"cve": "CVE-2017-17887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17887"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17887",
"url": "https://www.suse.com/security/cve/CVE-2017-17887"
},
{
"category": "external",
"summary": "SUSE Bug 1074117 for CVE-2017-17887",
"url": "https://bugzilla.suse.com/1074117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "moderate"
}
],
"title": "CVE-2017-17887"
},
{
"cve": "CVE-2017-18250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18250"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18250",
"url": "https://www.suse.com/security/cve/CVE-2017-18250"
},
{
"category": "external",
"summary": "SUSE Bug 1087039 for CVE-2017-18250",
"url": "https://bugzilla.suse.com/1087039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2017-18250"
},
{
"cve": "CVE-2017-18251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18251"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18251",
"url": "https://www.suse.com/security/cve/CVE-2017-18251"
},
{
"category": "external",
"summary": "SUSE Bug 1087037 for CVE-2017-18251",
"url": "https://bugzilla.suse.com/1087037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2017-18251"
},
{
"cve": "CVE-2017-18252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18252"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18252",
"url": "https://www.suse.com/security/cve/CVE-2017-18252"
},
{
"category": "external",
"summary": "SUSE Bug 1087033 for CVE-2017-18252",
"url": "https://bugzilla.suse.com/1087033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2017-18252"
},
{
"cve": "CVE-2017-18254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18254",
"url": "https://www.suse.com/security/cve/CVE-2017-18254"
},
{
"category": "external",
"summary": "SUSE Bug 1087027 for CVE-2017-18254",
"url": "https://bugzilla.suse.com/1087027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2017-18254"
},
{
"cve": "CVE-2018-10177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10177"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10177",
"url": "https://www.suse.com/security/cve/CVE-2018-10177"
},
{
"category": "external",
"summary": "SUSE Bug 1089781 for CVE-2018-10177",
"url": "https://bugzilla.suse.com/1089781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "moderate"
}
],
"title": "CVE-2018-10177"
},
{
"cve": "CVE-2018-8960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8960"
}
],
"notes": [
{
"category": "general",
"text": "The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8960",
"url": "https://www.suse.com/security/cve/CVE-2018-8960"
},
{
"category": "external",
"summary": "SUSE Bug 1086782 for CVE-2018-8960",
"url": "https://bugzilla.suse.com/1086782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2018-8960"
},
{
"cve": "CVE-2018-9018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9018"
}
],
"notes": [
{
"category": "general",
"text": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9018",
"url": "https://www.suse.com/security/cve/CVE-2018-9018"
},
{
"category": "external",
"summary": "SUSE Bug 1086773 for CVE-2018-9018",
"url": "https://bugzilla.suse.com/1086773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "low"
}
],
"title": "CVE-2018-9018"
},
{
"cve": "CVE-2018-9135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9135"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9135",
"url": "https://www.suse.com/security/cve/CVE-2018-9135"
},
{
"category": "external",
"summary": "SUSE Bug 1087825 for CVE-2018-9135",
"url": "https://bugzilla.suse.com/1087825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickCore-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:libMagickWand-6_Q16-1-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:ImageMagick-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:libMagick++-devel-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:perl-PerlMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:ImageMagick-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagick++-6_Q16-3-6.8.8.1-71.54.5.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:libMagickCore-6_Q16-1-32bit-6.8.8.1-71.54.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-09T11:30:27Z",
"details": "important"
}
],
"title": "CVE-2018-9135"
}
]
}
suse-su-2018:1129-1
Vulnerability from csaf_suse
Published
2018-05-02 13:50
Modified
2018-05-02 13:50
Summary
Security update for ImageMagick
Notes
Title of the patch
Security update for ImageMagick
Description of the patch
This update for ImageMagick fixes the following issues:
- security update (png.c)
* CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c.
Attackers could leverage this vulnerability to cause a crash and denial of service
via a crafted mng file. [bsc#1086773]
* CVE-2018-10177: there is an infinite loop in the ReadOneMNGImagefunction of the coders/png.c file. Remote attackers could leverage thisvulnerability to cause a denial of service (bsc#1089781)
- security update (wand)
* CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow
attackers to cause a denial of service via a crafted file. [bsc#1087033]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (core)
* CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c
could allow attackers to obtain sensitive information from process memory or possibly have
unspecified other impact via a crafted SVG document that is mishandled in the
GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]
- security update (pcd.c)
* CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
which could lead to a denial of service via a crafted file. [bsc#1087037]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (tiff.c)
* CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in ImageMagick memory allocation issue could lead to denial of service (bsc#1086782)
Patchnames
sdksp4-ImageMagick-13586,slessp4-ImageMagick-13586
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ImageMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ImageMagick fixes the following issues:\n\n\n- security update (png.c)\n * CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c. \n Attackers could leverage this vulnerability to cause a crash and denial of service \n via a crafted mng file. [bsc#1086773]\n * CVE-2018-10177: there is an infinite loop in the ReadOneMNGImagefunction of the coders/png.c file. Remote attackers could leverage thisvulnerability to cause a denial of service (bsc#1089781)\n\n- security update (wand)\n * CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow \n attackers to cause a denial of service via a crafted file. [bsc#1087033]\n\n- security update (gif.c)\n * CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, \n which could lead to denial of service via a crafted file. [bsc#1087027]\n\n- security update (core)\n * CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c \n could allow attackers to obtain sensitive information from process memory or possibly have \n unspecified other impact via a crafted SVG document that is mishandled in the \n GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]\n\n- security update (pcd.c)\n * CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, \n which could lead to a denial of service via a crafted file. [bsc#1087037]\n\n- security update (gif.c)\n * CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which could lead to denial of service via a crafted file. [bsc#1087027]\n\n- security update (tiff.c)\n * CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in ImageMagick memory allocation issue could lead to denial of service (bsc#1086782)\n\n\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-ImageMagick-13586,slessp4-ImageMagick-13586",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1129-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1129-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181129-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1129-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/003971.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047356",
"url": "https://bugzilla.suse.com/1047356"
},
{
"category": "self",
"summary": "SUSE Bug 1086773",
"url": "https://bugzilla.suse.com/1086773"
},
{
"category": "self",
"summary": "SUSE Bug 1086782",
"url": "https://bugzilla.suse.com/1086782"
},
{
"category": "self",
"summary": "SUSE Bug 1087027",
"url": "https://bugzilla.suse.com/1087027"
},
{
"category": "self",
"summary": "SUSE Bug 1087033",
"url": "https://bugzilla.suse.com/1087033"
},
{
"category": "self",
"summary": "SUSE Bug 1087037",
"url": "https://bugzilla.suse.com/1087037"
},
{
"category": "self",
"summary": "SUSE Bug 1089781",
"url": "https://bugzilla.suse.com/1089781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000476 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10928 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18251 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18252 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18254 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10177 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8960 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9018 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9018/"
}
],
"title": "Security update for ImageMagick",
"tracking": {
"current_release_date": "2018-05-02T13:50:19Z",
"generator": {
"date": "2018-05-02T13:50:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1129-1",
"initial_release_date": "2018-05-02T13:50:19Z",
"revision_history": [
{
"date": "2018-05-02T13:50:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.4.3.6-78.45.1.i586",
"product": {
"name": "ImageMagick-6.4.3.6-78.45.1.i586",
"product_id": "ImageMagick-6.4.3.6-78.45.1.i586"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.4.3.6-78.45.1.i586",
"product": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.i586",
"product_id": "ImageMagick-devel-6.4.3.6-78.45.1.i586"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.4.3.6-78.45.1.i586",
"product": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.i586",
"product_id": "libMagick++-devel-6.4.3.6-78.45.1.i586"
}
},
{
"category": "product_version",
"name": "libMagick++1-6.4.3.6-78.45.1.i586",
"product": {
"name": "libMagick++1-6.4.3.6-78.45.1.i586",
"product_id": "libMagick++1-6.4.3.6-78.45.1.i586"
}
},
{
"category": "product_version",
"name": "libMagickWand1-6.4.3.6-78.45.1.i586",
"product": {
"name": "libMagickWand1-6.4.3.6-78.45.1.i586",
"product_id": "libMagickWand1-6.4.3.6-78.45.1.i586"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.4.3.6-78.45.1.i586",
"product": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.i586",
"product_id": "perl-PerlMagick-6.4.3.6-78.45.1.i586"
}
},
{
"category": "product_version",
"name": "libMagickCore1-6.4.3.6-78.45.1.i586",
"product": {
"name": "libMagickCore1-6.4.3.6-78.45.1.i586",
"product_id": "libMagickCore1-6.4.3.6-78.45.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.4.3.6-78.45.1.ia64",
"product": {
"name": "ImageMagick-6.4.3.6-78.45.1.ia64",
"product_id": "ImageMagick-6.4.3.6-78.45.1.ia64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"product": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"product_id": "ImageMagick-devel-6.4.3.6-78.45.1.ia64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.4.3.6-78.45.1.ia64",
"product": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.ia64",
"product_id": "libMagick++-devel-6.4.3.6-78.45.1.ia64"
}
},
{
"category": "product_version",
"name": "libMagick++1-6.4.3.6-78.45.1.ia64",
"product": {
"name": "libMagick++1-6.4.3.6-78.45.1.ia64",
"product_id": "libMagick++1-6.4.3.6-78.45.1.ia64"
}
},
{
"category": "product_version",
"name": "libMagickWand1-6.4.3.6-78.45.1.ia64",
"product": {
"name": "libMagickWand1-6.4.3.6-78.45.1.ia64",
"product_id": "libMagickWand1-6.4.3.6-78.45.1.ia64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"product": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"product_id": "perl-PerlMagick-6.4.3.6-78.45.1.ia64"
}
},
{
"category": "product_version",
"name": "libMagickCore1-6.4.3.6-78.45.1.ia64",
"product": {
"name": "libMagickCore1-6.4.3.6-78.45.1.ia64",
"product_id": "libMagickCore1-6.4.3.6-78.45.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "ImageMagick-6.4.3.6-78.45.1.ppc64",
"product_id": "ImageMagick-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"product_id": "ImageMagick-devel-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"product_id": "libMagick++-devel-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "libMagick++1-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "libMagick++1-6.4.3.6-78.45.1.ppc64",
"product_id": "libMagick++1-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "libMagickWand1-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "libMagickWand1-6.4.3.6-78.45.1.ppc64",
"product_id": "libMagickWand1-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"product_id": "libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"product_id": "perl-PerlMagick-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "libMagickCore1-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "libMagickCore1-6.4.3.6-78.45.1.ppc64",
"product_id": "libMagickCore1-6.4.3.6-78.45.1.ppc64"
}
},
{
"category": "product_version",
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"product": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"product_id": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.4.3.6-78.45.1.s390x",
"product": {
"name": "ImageMagick-6.4.3.6-78.45.1.s390x",
"product_id": "ImageMagick-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"product": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"product_id": "ImageMagick-devel-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.4.3.6-78.45.1.s390x",
"product": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.s390x",
"product_id": "libMagick++-devel-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagick++1-6.4.3.6-78.45.1.s390x",
"product": {
"name": "libMagick++1-6.4.3.6-78.45.1.s390x",
"product_id": "libMagick++1-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickWand1-6.4.3.6-78.45.1.s390x",
"product": {
"name": "libMagickWand1-6.4.3.6-78.45.1.s390x",
"product_id": "libMagickWand1-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"product": {
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"product_id": "libMagickWand1-32bit-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"product": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"product_id": "perl-PerlMagick-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickCore1-6.4.3.6-78.45.1.s390x",
"product": {
"name": "libMagickCore1-6.4.3.6-78.45.1.s390x",
"product_id": "libMagickCore1-6.4.3.6-78.45.1.s390x"
}
},
{
"category": "product_version",
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"product": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"product_id": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ImageMagick-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "ImageMagick-6.4.3.6-78.45.1.x86_64",
"product_id": "ImageMagick-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"product_id": "ImageMagick-devel-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"product_id": "libMagick++-devel-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagick++1-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "libMagick++1-6.4.3.6-78.45.1.x86_64",
"product_id": "libMagick++1-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickWand1-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "libMagickWand1-6.4.3.6-78.45.1.x86_64",
"product_id": "libMagickWand1-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"product_id": "libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-PerlMagick-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.x86_64",
"product_id": "perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickCore1-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "libMagickCore1-6.4.3.6-78.45.1.x86_64",
"product_id": "libMagickCore1-6.4.3.6-78.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"product": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"product_id": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586"
},
"product_reference": "ImageMagick-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64"
},
"product_reference": "ImageMagick-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "ImageMagick-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x"
},
"product_reference": "ImageMagick-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "ImageMagick-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586"
},
"product_reference": "ImageMagick-devel-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64"
},
"product_reference": "ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x"
},
"product_reference": "ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ImageMagick-devel-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586"
},
"product_reference": "libMagick++-devel-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64"
},
"product_reference": "libMagick++-devel-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagick++-devel-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++-devel-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++1-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586"
},
"product_reference": "libMagick++1-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++1-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64"
},
"product_reference": "libMagick++1-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++1-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagick++1-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++1-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagick++1-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagick++1-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagick++1-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586"
},
"product_reference": "libMagickWand1-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64"
},
"product_reference": "libMagickWand1-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagickWand1-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagickWand1-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagickWand1-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586"
},
"product_reference": "perl-PerlMagick-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64"
},
"product_reference": "perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x"
},
"product_reference": "perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-PerlMagick-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "perl-PerlMagick-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagickCore1-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64"
},
"product_reference": "libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x"
},
"product_reference": "libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64"
},
"product_reference": "libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000476"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000476",
"url": "https://www.suse.com/security/cve/CVE-2017-1000476"
},
{
"category": "external",
"summary": "SUSE Bug 1074610 for CVE-2017-1000476",
"url": "https://bugzilla.suse.com/1074610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "important"
}
],
"title": "CVE-2017-1000476"
},
{
"cve": "CVE-2017-10928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10928"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10928",
"url": "https://www.suse.com/security/cve/CVE-2017-10928"
},
{
"category": "external",
"summary": "SUSE Bug 1047356 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1047356"
},
{
"category": "external",
"summary": "SUSE Bug 1047359 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1047359"
},
{
"category": "external",
"summary": "SUSE Bug 1056277 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1056277"
},
{
"category": "external",
"summary": "SUSE Bug 1060176 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1060176"
},
{
"category": "external",
"summary": "SUSE Bug 1096261 for CVE-2017-10928",
"url": "https://bugzilla.suse.com/1096261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-10928"
},
{
"cve": "CVE-2017-18251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18251"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18251",
"url": "https://www.suse.com/security/cve/CVE-2017-18251"
},
{
"category": "external",
"summary": "SUSE Bug 1087037 for CVE-2017-18251",
"url": "https://bugzilla.suse.com/1087037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "low"
}
],
"title": "CVE-2017-18251"
},
{
"cve": "CVE-2017-18252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18252"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18252",
"url": "https://www.suse.com/security/cve/CVE-2017-18252"
},
{
"category": "external",
"summary": "SUSE Bug 1087033 for CVE-2017-18252",
"url": "https://bugzilla.suse.com/1087033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "low"
}
],
"title": "CVE-2017-18252"
},
{
"cve": "CVE-2017-18254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18254",
"url": "https://www.suse.com/security/cve/CVE-2017-18254"
},
{
"category": "external",
"summary": "SUSE Bug 1087027 for CVE-2017-18254",
"url": "https://bugzilla.suse.com/1087027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "low"
}
],
"title": "CVE-2017-18254"
},
{
"cve": "CVE-2018-10177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10177"
}
],
"notes": [
{
"category": "general",
"text": "In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10177",
"url": "https://www.suse.com/security/cve/CVE-2018-10177"
},
{
"category": "external",
"summary": "SUSE Bug 1089781 for CVE-2018-10177",
"url": "https://bugzilla.suse.com/1089781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "moderate"
}
],
"title": "CVE-2018-10177"
},
{
"cve": "CVE-2018-8960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8960"
}
],
"notes": [
{
"category": "general",
"text": "The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8960",
"url": "https://www.suse.com/security/cve/CVE-2018-8960"
},
{
"category": "external",
"summary": "SUSE Bug 1086782 for CVE-2018-8960",
"url": "https://bugzilla.suse.com/1086782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "low"
}
],
"title": "CVE-2018-8960"
},
{
"cve": "CVE-2018-9018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9018"
}
],
"notes": [
{
"category": "general",
"text": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9018",
"url": "https://www.suse.com/security/cve/CVE-2018-9018"
},
{
"category": "external",
"summary": "SUSE Bug 1086773 for CVE-2018-9018",
"url": "https://bugzilla.suse.com/1086773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libMagickCore1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:ImageMagick-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++-devel-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagick++1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-32bit-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libMagickWand1-6.4.3.6-78.45.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-PerlMagick-6.4.3.6-78.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-02T13:50:19Z",
"details": "low"
}
],
"title": "CVE-2018-9018"
}
]
}
gsd-2018-9018
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-9018",
"description": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.",
"id": "GSD-2018-9018",
"references": [
"https://www.suse.com/security/cve/CVE-2018-9018.html",
"https://www.debian.org/security/2018/dsa-4321",
"https://advisories.mageia.org/CVE-2018-9018.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-9018"
],
"details": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.",
"id": "GSD-2018-9018",
"modified": "2023-12-13T01:22:33.828339Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180328 [SECURITY] [DLA 1322-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"name": "DSA-4321",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"name": "https://sourceforge.net/p/graphicsmagick/bugs/554/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "103526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103526"
},
{
"name": "FEDORA-2019-f12cb1ddab",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"name": "FEDORA-2019-210b0a6e4f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9018"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/graphicsmagick/bugs/554/",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"name": "103526",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103526"
},
{
"name": "[debian-lts-announce] 20180328 [SECURITY] [DLA 1322-1] graphicsmagick security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "DSA-4321",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"name": "FEDORA-2019-f12cb1ddab",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"name": "FEDORA-2019-210b0a6e4f",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-01-12T03:15Z",
"publishedDate": "2018-03-25T21:29Z"
}
}
}
fkie_cve-2018-9018
Vulnerability from fkie_nvd
Published
2018-03-25 21:29
Modified
2024-11-21 04:14
Severity ?
Summary
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/103526 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/ | ||
| cve@mitre.org | https://sourceforge.net/p/graphicsmagick/bugs/554/ | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4321 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103526 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/graphicsmagick/bugs/554/ | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4321 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| graphicsmagick | graphicsmagick | 1.3.28 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E1057951-C073-4E4E-9930-25F83B54A68C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file."
},
{
"lang": "es",
"value": "En GraphicsMagick 1.3.28 hay una divisi\u00f3n entre cero en la fucnci\u00f3n ReadMNGImage en coders/png.c. Los atacantes remotos podr\u00edan aprovechar esta vulnerabilidad para provocar un cuerre inesperado y una denegaci\u00f3n de servicio (DoS) mediante un archivo mng manipulado."
}
],
"id": "CVE-2018-9018",
"lastModified": "2024-11-21T04:14:47.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-25T21:29:00.250",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103526"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4321"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-369"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-4w24-2qm8-wfcm
Vulnerability from github
Published
2022-05-13 01:28
Modified
2022-05-13 01:28
Severity ?
VLAI Severity ?
Details
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
{
"affected": [],
"aliases": [
"CVE-2018-9018"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-25T21:29:00Z",
"severity": "MODERATE"
},
"details": "In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.",
"id": "GHSA-4w24-2qm8-wfcm",
"modified": "2022-05-13T01:28:57Z",
"published": "2022-05-13T01:28:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9018"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/554"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103526"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…