Bug 1017311 - (CVE-2016-10049) VUL-0: CVE-2016-10049: ImageMagick: Buffer overflow when reading corrupt RLE files
(CVE-2016-10049)
VUL-0: CVE-2016-10049: ImageMagick: Buffer overflow when reading corrupt RLE ...
Status: RESOLVED FIXED
: 1016579 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
CVSSv2:SUSE:CVE-2016-10049:6.8:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-12-27 09:21 UTC by Johannes Segitz
Modified: 2017-05-18 14:41 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Swamp Workflow Management 2016-12-27 23:01:04 UTC
bugbot adjusting priority
Comment 2 Johannes Segitz 2016-12-28 10:49:27 UTC
*** Bug 1016579 has been marked as a duplicate of this bug. ***
Comment 3 Johannes Segitz 2016-12-28 10:51:22 UTC
From Matthias Gerstner

ImageMagick:

SLE-12:Update is affected in coders/rle.c:313
SLE-11:Update is affected in coders/rle.c:315
openSUSE:13.2:Update is affected in coders/rle.c:313

GraphicsMagick:

SLE-11:Update is affected in coders/rle.c:315
openSUSE:13.2:Update is affected in coders/rle.c:316

openSUSE:Leap:42.1:Update is *not* affected in coders/rle.c:357
openSUSE:Leap:42.2:Update is *not* affected in coders/rle.c:433

A link to a reproducer is in 1016579, but it doesn't seem to work
Comment 4 Petr Gajdos 2017-01-17 09:05:47 UTC
For the testcase from upstream bug, I get 'Improper image header' for all GraphicsMagick and ImageMagick versions we maintain, no segfault.
Comment 5 Petr Gajdos 2017-01-17 10:13:03 UTC
GraphicsMagick is affected, too -- it has the patch in newer versions.
Comment 6 Petr Gajdos 2017-01-17 14:31:17 UTC
Affected: ImageMagick, 11/GraphicsMagick.
Comment 7 Petr Gajdos 2017-01-27 11:04:55 UTC
Packages submitted, I believe all fixed.
Comment 9 Swamp Workflow Management 2017-02-20 14:11:18 UTC
SUSE-SU-2017:0518-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017310,1017311,1017312,1017313,1017318,1017321,1017322,1017324,1017326,1020443,1020448
CVE References: CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10059,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10070,CVE-2016-10146,CVE-2017-5511
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-4.62.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-4.62.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-4.62.1
Comment 10 Swamp Workflow Management 2017-02-21 14:08:26 UTC
SUSE-SU-2017:0529-1: An update that fixes 25 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017308,1017310,1017311,1017312,1017313,1017314,1017318,1017319,1017320,1017321,1017322,1017324,1017325,1017326,1017421,1020433,1020435,1020436,1020439,1020441,1020443,1020446,1020448
CVE References: CVE-2016-10046,CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10060,CVE-2016-10061,CVE-2016-10062,CVE-2016-10063,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10069,CVE-2016-10070,CVE-2016-10071,CVE-2016-10144,CVE-2016-10145,CVE-2016-10146,CVE-2017-5506,CVE-2017-5507,CVE-2017-5508,CVE-2017-5510,CVE-2017-5511
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Server 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-59.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    ImageMagick-6.8.8.1-59.1
Comment 11 Swamp Workflow Management 2017-03-01 20:09:52 UTC
SUSE-SU-2017:0586-1: An update that fixes 21 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017308,1017310,1017311,1017312,1017313,1017314,1017318,1017319,1017320,1017321,1017322,1017324,1017326,1017421,1020433,1020435,1020436,1020439,1020441,1020443,1020448
CVE References: CVE-2016-10046,CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10060,CVE-2016-10063,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10070,CVE-2016-10071,CVE-2016-10144,CVE-2016-10145,CVE-2016-10146,CVE-2017-5506,CVE-2017-5507,CVE-2017-5508,CVE-2017-5511
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-7.65.1
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-7.65.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-7.65.1
Comment 12 Swamp Workflow Management 2017-03-02 14:08:36 UTC
openSUSE-SU-2017:0587-1: An update that fixes 25 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1017308,1017310,1017311,1017312,1017313,1017314,1017318,1017319,1017320,1017321,1017322,1017324,1017325,1017326,1017421,1020433,1020435,1020436,1020439,1020441,1020443,1020446,1020448
CVE References: CVE-2016-10046,CVE-2016-10048,CVE-2016-10049,CVE-2016-10050,CVE-2016-10051,CVE-2016-10052,CVE-2016-10059,CVE-2016-10060,CVE-2016-10061,CVE-2016-10062,CVE-2016-10063,CVE-2016-10064,CVE-2016-10065,CVE-2016-10068,CVE-2016-10069,CVE-2016-10070,CVE-2016-10071,CVE-2016-10144,CVE-2016-10145,CVE-2016-10146,CVE-2017-5506,CVE-2017-5507,CVE-2017-5508,CVE-2017-5510,CVE-2017-5511
Sources used:
openSUSE Leap 42.2 (src):    ImageMagick-6.8.8.1-28.1
openSUSE Leap 42.1 (src):    ImageMagick-6.8.8.1-30.1
Comment 13 Matthias Gerstner 2017-03-06 09:38:46 UTC
All codestreams released. openSUSE comes from SLE. closing.