openSUSE Security Update: Security update for GraphicsMagick ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:0218-1 Rating: moderate References: #1043353 #1043354 #1051442 #1052708 #1052717 #1052777 #1054600 #1055374 #1055455 #1057000 #1062752 Cross-References: CVE-2017-11750 CVE-2017-12641 CVE-2017-12673 CVE-2017-12676 CVE-2017-12935 CVE-2017-13142 CVE-2017-13147 CVE-2017-14103 CVE-2017-15218 CVE-2017-9261 CVE-2017-9262 Affected Products: openSUSE Leap 42.3 openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for GraphicsMagick fixes several issues. These security issues were fixed: - CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043353) - CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043354) - CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file (bsc#1051442) - CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052708) - CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in coders/png.c, which allowed attackers to cause a denial of service (bsc#1052717) - CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in coders\png.c (bsc#1052777) - CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c (bsc#1054600) - CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value (bsc#1055374) - CVE-2017-13142: Added additional checks for short files to prevent a crafted PNG file from triggering a crash (bsc#1055455) - CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in coders/png.c did not properly manage image pointers after certain error conditions, which allowed remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call (bsc#1057000) - CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c (bsc#1062752) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-88=1 - openSUSE Leap 42.2: zypper in -t patch openSUSE-2018-88=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.3 (i586 x86_64): GraphicsMagick-1.3.25-60.1 GraphicsMagick-debuginfo-1.3.25-60.1 GraphicsMagick-debugsource-1.3.25-60.1 GraphicsMagick-devel-1.3.25-60.1 libGraphicsMagick++-Q16-12-1.3.25-60.1 libGraphicsMagick++-Q16-12-debuginfo-1.3.25-60.1 libGraphicsMagick++-devel-1.3.25-60.1 libGraphicsMagick-Q16-3-1.3.25-60.1 libGraphicsMagick-Q16-3-debuginfo-1.3.25-60.1 libGraphicsMagick3-config-1.3.25-60.1 libGraphicsMagickWand-Q16-2-1.3.25-60.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-60.1 perl-GraphicsMagick-1.3.25-60.1 perl-GraphicsMagick-debuginfo-1.3.25-60.1 - openSUSE Leap 42.2 (i586 x86_64): GraphicsMagick-1.3.25-11.63.1 GraphicsMagick-debuginfo-1.3.25-11.63.1 GraphicsMagick-debugsource-1.3.25-11.63.1 GraphicsMagick-devel-1.3.25-11.63.1 libGraphicsMagick++-Q16-12-1.3.25-11.63.1 libGraphicsMagick++-Q16-12-debuginfo-1.3.25-11.63.1 libGraphicsMagick++-devel-1.3.25-11.63.1 libGraphicsMagick-Q16-3-1.3.25-11.63.1 libGraphicsMagick-Q16-3-debuginfo-1.3.25-11.63.1 libGraphicsMagick3-config-1.3.25-11.63.1 libGraphicsMagickWand-Q16-2-1.3.25-11.63.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-11.63.1 perl-GraphicsMagick-1.3.25-11.63.1 perl-GraphicsMagick-debuginfo-1.3.25-11.63.1 References: https://www.suse.com/security/cve/CVE-2017-11750.html https://www.suse.com/security/cve/CVE-2017-12641.html https://www.suse.com/security/cve/CVE-2017-12673.html https://www.suse.com/security/cve/CVE-2017-12676.html https://www.suse.com/security/cve/CVE-2017-12935.html https://www.suse.com/security/cve/CVE-2017-13142.html https://www.suse.com/security/cve/CVE-2017-13147.html https://www.suse.com/security/cve/CVE-2017-14103.html https://www.suse.com/security/cve/CVE-2017-15218.html https://www.suse.com/security/cve/CVE-2017-9261.html https://www.suse.com/security/cve/CVE-2017-9262.html https://bugzilla.suse.com/1043353 https://bugzilla.suse.com/1043354 https://bugzilla.suse.com/1051442 https://bugzilla.suse.com/1052708 https://bugzilla.suse.com/1052717 https://bugzilla.suse.com/1052777 https://bugzilla.suse.com/1054600 https://bugzilla.suse.com/1055374 https://bugzilla.suse.com/1055455 https://bugzilla.suse.com/1057000 https://bugzilla.suse.com/1062752