{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for GraphicsMagick","title":"Title of the patch"},{"category":"description","text":"This update for GraphicsMagick fixes the following issues:\n\n  * CVE-2017-11640: NULL pointer deref in WritePTIFImage() in coders/tiff.c could lead to denial of service [bsc#1050632]\n  * CVE-2017-14342: Memory exhaustion in ReadWPGImage in coders/wpg.c could lead to denial of service [bsc#1058485]\n  * CVE-2017-14341: Infinite loop in the ReadWPGImage function could lead to denial of service [bsc#1058637]\n  * CVE-2017-16546: Issue in ReadWPGImage function in coders/wpg.c could lead to denial of service [bsc#1067181]\n  * CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in  validation problems could lead to denial of service [bsc#1067184]\n  * CVE-2017-16669: coders/wpg.c  allows remote attackers to cause a denial of service via crafted file [bsc#1067409]\n  * CVE-2017-13776: denial of service issue in ReadXBMImage() in a coders/xbm.c [bsc#1056429]\n  * CVE-2017-13777: denial of service issue in ReadXBMImage() in a coders/xbm.c [bsc#1056426]\n  * CVE-2017-13134: heap-based buffer over-read in the function SFWScan in coders/sfw.c could lead to denial of service via a crafted file [bsc#1055214]\n  * CVE-2017-15930: Null Pointer dereference  while transfering JPEG scanlines could lead to denial of service [bsc#1066003]\n  * CVE-2017-12983: Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. [bsc#1054757] \n  * CVE-2017-14165: The ReadSUNImage function in coders/sun.c has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c. [bsc#1057508]\n  * CVE-2017-12587: Large loop vulnerability in the ReadPWPImage function in coders\\pwp.c. [bsc#1052450]\n","title":"Description of the patch"},{"category":"details","text":"sdksp4-GraphicsMagick-13386,slestso13-GraphicsMagick-13386","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"self","summary":"URL for SUSE-SU-2017:3435-1","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20173435-1/"},{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3435-1.json"},{"category":"self","summary":"E-Mail link for SUSE-SU-2017:3435-1","url":"https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00093.html"},{"category":"self","summary":"SUSE Bug 1050632","url":"https://bugzilla.suse.com/1050632"},{"category":"self","summary":"SUSE Bug 1052450","url":"https://bugzilla.suse.com/1052450"},{"category":"self","summary":"SUSE Bug 1054757","url":"https://bugzilla.suse.com/1054757"},{"category":"self","summary":"SUSE Bug 1055214","url":"https://bugzilla.suse.com/1055214"},{"category":"self","summary":"SUSE Bug 1056426","url":"https://bugzilla.suse.com/1056426"},{"category":"self","summary":"SUSE Bug 1056429","url":"https://bugzilla.suse.com/1056429"},{"category":"self","summary":"SUSE Bug 1057508","url":"https://bugzilla.suse.com/1057508"},{"category":"self","summary":"SUSE Bug 1058485","url":"https://bugzilla.suse.com/1058485"},{"category":"self","summary":"SUSE Bug 1058637","url":"https://bugzilla.suse.com/1058637"},{"category":"self","summary":"SUSE Bug 1066003","url":"https://bugzilla.suse.com/1066003"},{"category":"self","summary":"SUSE Bug 1067181","url":"https://bugzilla.suse.com/1067181"},{"category":"self","summary":"SUSE Bug 1067184","url":"https://bugzilla.suse.com/1067184"},{"category":"self","summary":"SUSE Bug 1067409","url":"https://bugzilla.suse.com/1067409"},{"category":"self","summary":"SUSE CVE CVE-2016-7996 page","url":"https://www.suse.com/security/cve/CVE-2016-7996/"},{"category":"self","summary":"SUSE CVE CVE-2017-11640 page","url":"https://www.suse.com/security/cve/CVE-2017-11640/"},{"category":"self","summary":"SUSE CVE CVE-2017-12587 page","url":"https://www.suse.com/security/cve/CVE-2017-12587/"},{"category":"self","summary":"SUSE CVE CVE-2017-12983 page","url":"https://www.suse.com/security/cve/CVE-2017-12983/"},{"category":"self","summary":"SUSE CVE CVE-2017-13134 page","url":"https://www.suse.com/security/cve/CVE-2017-13134/"},{"category":"self","summary":"SUSE CVE CVE-2017-13776 page","url":"https://www.suse.com/security/cve/CVE-2017-13776/"},{"category":"self","summary":"SUSE CVE CVE-2017-13777 page","url":"https://www.suse.com/security/cve/CVE-2017-13777/"},{"category":"self","summary":"SUSE CVE CVE-2017-14165 page","url":"https://www.suse.com/security/cve/CVE-2017-14165/"},{"category":"self","summary":"SUSE CVE CVE-2017-14341 page","url":"https://www.suse.com/security/cve/CVE-2017-14341/"},{"category":"self","summary":"SUSE CVE CVE-2017-14342 page","url":"https://www.suse.com/security/cve/CVE-2017-14342/"},{"category":"self","summary":"SUSE CVE CVE-2017-15930 page","url":"https://www.suse.com/security/cve/CVE-2017-15930/"},{"category":"self","summary":"SUSE CVE CVE-2017-16545 page","url":"https://www.suse.com/security/cve/CVE-2017-16545/"},{"category":"self","summary":"SUSE CVE CVE-2017-16546 page","url":"https://www.suse.com/security/cve/CVE-2017-16546/"},{"category":"self","summary":"SUSE CVE CVE-2017-16669 page","url":"https://www.suse.com/security/cve/CVE-2017-16669/"}],"title":"Security update for GraphicsMagick","tracking":{"current_release_date":"2017-12-27T09:55:41Z","generator":{"date":"2017-12-27T09:55:41Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2017:3435-1","initial_release_date":"2017-12-27T09:55:41Z","revision_history":[{"date":"2017-12-27T09:55:41Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"GraphicsMagick-1.2.5-4.78.19.1.i586","product":{"name":"GraphicsMagick-1.2.5-4.78.19.1.i586","product_id":"GraphicsMagick-1.2.5-4.78.19.1.i586"}},{"category":"product_version","name":"libGraphicsMagick2-1.2.5-4.78.19.1.i586","product":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.i586","product_id":"libGraphicsMagick2-1.2.5-4.78.19.1.i586"}},{"category":"product_version","name":"perl-GraphicsMagick-1.2.5-4.78.19.1.i586","product":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.i586","product_id":"perl-GraphicsMagick-1.2.5-4.78.19.1.i586"}}],"category":"architecture","name":"i586"},{"branches":[{"category":"product_version","name":"GraphicsMagick-1.2.5-4.78.19.1.ia64","product":{"name":"GraphicsMagick-1.2.5-4.78.19.1.ia64","product_id":"GraphicsMagick-1.2.5-4.78.19.1.ia64"}},{"category":"product_version","name":"libGraphicsMagick2-1.2.5-4.78.19.1.ia64","product":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.ia64","product_id":"libGraphicsMagick2-1.2.5-4.78.19.1.ia64"}},{"category":"product_version","name":"perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","product":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","product_id":"perl-GraphicsMagick-1.2.5-4.78.19.1.ia64"}}],"category":"architecture","name":"ia64"},{"branches":[{"category":"product_version","name":"GraphicsMagick-1.2.5-4.78.19.1.ppc64","product":{"name":"GraphicsMagick-1.2.5-4.78.19.1.ppc64","product_id":"GraphicsMagick-1.2.5-4.78.19.1.ppc64"}},{"category":"product_version","name":"libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","product":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","product_id":"libGraphicsMagick2-1.2.5-4.78.19.1.ppc64"}},{"category":"product_version","name":"perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","product":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","product_id":"perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64"}}],"category":"architecture","name":"ppc64"},{"branches":[{"category":"product_version","name":"GraphicsMagick-1.2.5-4.78.19.1.s390x","product":{"name":"GraphicsMagick-1.2.5-4.78.19.1.s390x","product_id":"GraphicsMagick-1.2.5-4.78.19.1.s390x"}},{"category":"product_version","name":"libGraphicsMagick2-1.2.5-4.78.19.1.s390x","product":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.s390x","product_id":"libGraphicsMagick2-1.2.5-4.78.19.1.s390x"}},{"category":"product_version","name":"perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","product":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","product_id":"perl-GraphicsMagick-1.2.5-4.78.19.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"GraphicsMagick-1.2.5-4.78.19.1.x86_64","product":{"name":"GraphicsMagick-1.2.5-4.78.19.1.x86_64","product_id":"GraphicsMagick-1.2.5-4.78.19.1.x86_64"}},{"category":"product_version","name":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","product":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","product_id":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"}},{"category":"product_version","name":"perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","product":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","product_id":"perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Software Development Kit 11 SP4","product":{"name":"SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4","product_identification_helper":{"cpe":"cpe:/a:suse:sle-sdk:11:sp4"}}},{"category":"product_name","name":"SUSE Studio Onsite 1.3","product":{"name":"SUSE Studio Onsite 1.3","product_id":"SUSE Studio Onsite 1.3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-studioonsite:1.3"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"GraphicsMagick-1.2.5-4.78.19.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586"},"product_reference":"GraphicsMagick-1.2.5-4.78.19.1.i586","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"GraphicsMagick-1.2.5-4.78.19.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64"},"product_reference":"GraphicsMagick-1.2.5-4.78.19.1.ia64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"GraphicsMagick-1.2.5-4.78.19.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64"},"product_reference":"GraphicsMagick-1.2.5-4.78.19.1.ppc64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"GraphicsMagick-1.2.5-4.78.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x"},"product_reference":"GraphicsMagick-1.2.5-4.78.19.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"GraphicsMagick-1.2.5-4.78.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64"},"product_reference":"GraphicsMagick-1.2.5-4.78.19.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586"},"product_reference":"libGraphicsMagick2-1.2.5-4.78.19.1.i586","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64"},"product_reference":"libGraphicsMagick2-1.2.5-4.78.19.1.ia64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64"},"product_reference":"libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x"},"product_reference":"libGraphicsMagick2-1.2.5-4.78.19.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"},"product_reference":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586"},"product_reference":"perl-GraphicsMagick-1.2.5-4.78.19.1.i586","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64"},"product_reference":"perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64"},"product_reference":"perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x"},"product_reference":"perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4","product_id":"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64"},"product_reference":"perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11 SP4"},{"category":"default_component_of","full_product_name":{"name":"GraphicsMagick-1.2.5-4.78.19.1.x86_64 as component of SUSE Studio Onsite 1.3","product_id":"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64"},"product_reference":"GraphicsMagick-1.2.5-4.78.19.1.x86_64","relates_to_product_reference":"SUSE Studio Onsite 1.3"},{"category":"default_component_of","full_product_name":{"name":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64 as component of SUSE Studio Onsite 1.3","product_id":"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"},"product_reference":"libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","relates_to_product_reference":"SUSE Studio Onsite 1.3"}]},"vulnerabilities":[{"cve":"CVE-2016-7996","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-7996"}],"notes":[{"category":"general","text":"Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-7996","url":"https://www.suse.com/security/cve/CVE-2016-7996"},{"category":"external","summary":"SUSE Bug 1003629 for CVE-2016-7996","url":"https://bugzilla.suse.com/1003629"},{"category":"external","summary":"SUSE Bug 1067184 for CVE-2016-7996","url":"https://bugzilla.suse.com/1067184"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"important"}],"title":"CVE-2016-7996"},{"cve":"CVE-2017-11640","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-11640"}],"notes":[{"category":"general","text":"When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-11640","url":"https://www.suse.com/security/cve/CVE-2017-11640"},{"category":"external","summary":"SUSE Bug 1050632 for CVE-2017-11640","url":"https://bugzilla.suse.com/1050632"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"important"}],"title":"CVE-2017-11640"},{"cve":"CVE-2017-12587","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-12587"}],"notes":[{"category":"general","text":"ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\\pwp.c.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-12587","url":"https://www.suse.com/security/cve/CVE-2017-12587"},{"category":"external","summary":"SUSE Bug 1052450 for CVE-2017-12587","url":"https://bugzilla.suse.com/1052450"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-12587"},{"cve":"CVE-2017-12983","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-12983"}],"notes":[{"category":"general","text":"Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-12983","url":"https://www.suse.com/security/cve/CVE-2017-12983"},{"category":"external","summary":"SUSE Bug 1054757 for CVE-2017-12983","url":"https://bugzilla.suse.com/1054757"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"important"}],"title":"CVE-2017-12983"},{"cve":"CVE-2017-13134","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-13134"}],"notes":[{"category":"general","text":"In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-13134","url":"https://www.suse.com/security/cve/CVE-2017-13134"},{"category":"external","summary":"SUSE Bug 1055214 for CVE-2017-13134","url":"https://bugzilla.suse.com/1055214"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-13134"},{"cve":"CVE-2017-13776","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-13776"}],"notes":[{"category":"general","text":"GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c \"Read hex image data\" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-13776","url":"https://www.suse.com/security/cve/CVE-2017-13776"},{"category":"external","summary":"SUSE Bug 1056429 for CVE-2017-13776","url":"https://bugzilla.suse.com/1056429"},{"category":"external","summary":"SUSE Bug 1106855 for CVE-2017-13776","url":"https://bugzilla.suse.com/1106855"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-13776"},{"cve":"CVE-2017-13777","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-13777"}],"notes":[{"category":"general","text":"GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c \"Read hex image data\" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-13777","url":"https://www.suse.com/security/cve/CVE-2017-13777"},{"category":"external","summary":"SUSE Bug 1056426 for CVE-2017-13777","url":"https://bugzilla.suse.com/1056426"},{"category":"external","summary":"SUSE Bug 1057719 for CVE-2017-13777","url":"https://bugzilla.suse.com/1057719"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-13777"},{"cve":"CVE-2017-14165","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-14165"}],"notes":[{"category":"general","text":"The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-14165","url":"https://www.suse.com/security/cve/CVE-2017-14165"},{"category":"external","summary":"SUSE Bug 1052553 for CVE-2017-14165","url":"https://bugzilla.suse.com/1052553"},{"category":"external","summary":"SUSE Bug 1057508 for CVE-2017-14165","url":"https://bugzilla.suse.com/1057508"},{"category":"external","summary":"SUSE Bug 1059666 for CVE-2017-14165","url":"https://bugzilla.suse.com/1059666"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.7,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-14165"},{"cve":"CVE-2017-14341","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-14341"}],"notes":[{"category":"general","text":"ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-14341","url":"https://www.suse.com/security/cve/CVE-2017-14341"},{"category":"external","summary":"SUSE Bug 1058637 for CVE-2017-14341","url":"https://bugzilla.suse.com/1058637"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"low"}],"title":"CVE-2017-14341"},{"cve":"CVE-2017-14342","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-14342"}],"notes":[{"category":"general","text":"ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-14342","url":"https://www.suse.com/security/cve/CVE-2017-14342"},{"category":"external","summary":"SUSE Bug 1058485 for CVE-2017-14342","url":"https://bugzilla.suse.com/1058485"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"low"}],"title":"CVE-2017-14342"},{"cve":"CVE-2017-15930","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-15930"}],"notes":[{"category":"general","text":"In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-15930","url":"https://www.suse.com/security/cve/CVE-2017-15930"},{"category":"external","summary":"SUSE Bug 1066003 for CVE-2017-15930","url":"https://bugzilla.suse.com/1066003"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-15930"},{"cve":"CVE-2017-16545","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16545"}],"notes":[{"category":"general","text":"The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16545","url":"https://www.suse.com/security/cve/CVE-2017-16545"},{"category":"external","summary":"SUSE Bug 1067184 for CVE-2017-16545","url":"https://bugzilla.suse.com/1067184"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"important"}],"title":"CVE-2017-16545"},{"cve":"CVE-2017-16546","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16546"}],"notes":[{"category":"general","text":"The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16546","url":"https://www.suse.com/security/cve/CVE-2017-16546"},{"category":"external","summary":"SUSE Bug 1067181 for CVE-2017-16546","url":"https://bugzilla.suse.com/1067181"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.9,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"moderate"}],"title":"CVE-2017-16546"},{"cve":"CVE-2017-16669","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16669"}],"notes":[{"category":"general","text":"coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.","title":"Vulnerability description"}],"product_status":{"fixed":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16669","url":"https://www.suse.com/security/cve/CVE-2017-16669"},{"category":"external","summary":"SUSE Bug 1067409 for CVE-2017-16669","url":"https://bugzilla.suse.com/1067409"},{"category":"external","summary":"SUSE Bug 1072898 for CVE-2017-16669","url":"https://bugzilla.suse.com/1072898"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.i586","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ia64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.ppc64","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.s390x","SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.78.19.1.x86_64","SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.78.19.1.x86_64"]}],"threats":[{"category":"impact","date":"2017-12-27T09:55:41Z","details":"important"}],"title":"CVE-2017-16669"}]}