Cross-References: CVE-2018-14434 CVE-2018-14435 CVE-2018-14436 CVE-2018-14437 Affected Products: SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 ______________________________________________________________________________
An update that solves four vulnerabilities and has one errata is now available.
Description:
This update for ImageMagick fixes the following issues:
Security issues fixed:
* CVE-2018-14434: A memory leak for a colormap in WriteMPCImage incoders/mpc.c was fixed. (bsc#1102003) * CVE-2018-14435: A memory leak in DecodeImage in coders/pcd.c was fixed. (bsc#1102007) * CVE-2018-14436: A memory leak in ReadMIFFImage in coders/miff.c was fixed. (bsc#1102005) * CVE-2018-14437: A memory leak in parse8BIM in coders/meta.c was fixed. (bsc#1102004)
Bug fix:
- bsc#1094741: Fix unexpected result with `convert -compose`.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Development Tools 15:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-1740=1
- SUSE Linux Enterprise Module for Desktop Applications 15:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-1740=1
Package List:
- SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64):