Bugzilla – Bug 1082283
VUL-1: CVE-2017-15017: GraphicsMagick, ImageMagick: NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c
Last modified: 2018-04-06 22:38:38 UTC
CVE-2017-15017 ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c. https://github.com/ImageMagick/ImageMagick/issues/723 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15017
All SLES codestreams, both packages
No testcase.
12/ImageMagick: affected 11/ImageMagick: affected 11/GraphicsMagick: affected 42.3/GraphicsMagick: affected HG/GraphicsMagick: affected GraphicsMagick upstream notified.
Will submit for: 12/ImageMagick, 11/ImageMagick, 11/GraphicsMagick and 42.3/GraphicsMagick.
I believe all fixed.
This is an autogenerated message for OBS integration: This bug (1082283) was mentioned in https://build.opensuse.org/request/show/583089 42.3 / GraphicsMagick
This is an autogenerated message for OBS integration: This bug (1082283) was mentioned in https://build.opensuse.org/request/show/583120 42.3 / GraphicsMagick
This is an autogenerated message for OBS integration: This bug (1082283) was mentioned in https://build.opensuse.org/request/show/585295 42.3 / GraphicsMagick
This is an autogenerated message for OBS integration: This bug (1082283) was mentioned in https://build.opensuse.org/request/show/586755 42.3 / GraphicsMagick
openSUSE-SU-2018:0733-1: An update that fixes 9 vulnerabilities is now available. Category: security (moderate) Bug References: 1058630,1059735,1066168,1066170,1082283,1082291,1084060,1084062,1085233 CVE References: CVE-2017-14314,CVE-2017-14505,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18219,CVE-2017-18220,CVE-2017-18230 Sources used: openSUSE Leap 42.3 (src): GraphicsMagick-1.3.25-79.1
SUSE-SU-2018:0857-1: An update that fixes 17 vulnerabilities is now available. Category: security (moderate) Bug References: 1043290,1050087,1056434,1058630,1059735,1060382,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1082837,1083628,1083634,1086011 CVE References: CVE-2017-11524,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14505,CVE-2017-14739,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18209,CVE-2017-18211,CVE-2017-9500,CVE-2018-7443,CVE-2018-7470,CVE-2018-8804 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP3 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Workstation Extension 12-SP2 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Software Development Kit 12-SP3 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Software Development Kit 12-SP2 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Server 12-SP3 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Server 12-SP2 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Desktop 12-SP3 (src): ImageMagick-6.8.8.1-71.47.1 SUSE Linux Enterprise Desktop 12-SP2 (src): ImageMagick-6.8.8.1-71.47.1
SUSE-SU-2018:0864-1: An update that fixes 13 vulnerabilities is now available. Category: security (moderate) Bug References: 1050087,1058630,1059735,1066168,1066170,1082283,1082291,1082348,1084060,1084062,1085233 CVE References: CVE-2017-11524,CVE-2017-12691,CVE-2017-12693,CVE-2017-14314,CVE-2017-14343,CVE-2017-14505,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18219,CVE-2017-18220,CVE-2017-18230 Sources used: SUSE Studio Onsite 1.3 (src): GraphicsMagick-1.2.5-78.44.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): GraphicsMagick-1.2.5-78.44.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): GraphicsMagick-1.2.5-78.44.1
SUSE-SU-2018:0880-1: An update that fixes 16 vulnerabilities is now available. Category: security (moderate) Bug References: 1043290,1050087,1056434,1058630,1059735,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1084060,1086011 CVE References: CVE-2017-11524,CVE-2017-12691,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14343,CVE-2017-14505,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18219,CVE-2017-9500,CVE-2018-7443,CVE-2018-8804 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): ImageMagick-6.4.3.6-78.40.1 SUSE Linux Enterprise Server 11-SP4 (src): ImageMagick-6.4.3.6-78.40.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): ImageMagick-6.4.3.6-78.40.1
releasing for Leap, closing as done
openSUSE-SU-2018:0893-1: An update that fixes 17 vulnerabilities is now available. Category: security (moderate) Bug References: 1043290,1050087,1056434,1058630,1059735,1060382,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1082837,1083628,1083634,1086011 CVE References: CVE-2017-11524,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14505,CVE-2017-14739,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18209,CVE-2017-18211,CVE-2017-9500,CVE-2018-7443,CVE-2018-7470,CVE-2018-8804 Sources used: openSUSE Leap 42.3 (src): ImageMagick-6.8.8.1-58.1