openSUSE Security Update : GraphicsMagick (openSUSE-2016-1229)

critical Nessus Plugin ID 94304

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for GraphicsMagick fixes the following issues :

- security update :

- CVE-2016-8684 [boo#1005123]

- CVE-2016-8682 [boo#1005125]

- CVE-2016-8683 [boo#1005127]

- security update :

- CVE-2016-7529 [boo#1000399]

- CVE-2016-7528 [boo#1000434]

- CVE-2016-7515 [boo#1000689]

- CVE-2016-7446 [boo#999673]

- CVE-2016-7447 [boo#999673]

- CVE-2016-7448 [boo#999673]

- CVE-2016-7449 [boo#999673]

- CVE-2016-7517 [boo#1000693]

- CVE-2016-7519 [boo#1000695]

- CVE-2016-7522 [boo#1000698]

- CVE-2016-7524 [boo#1000700]

- CVE-2016-7531 [boo#1000704]

- CVE-2016-7533 [boo#1000707]

- CVE-2016-7537 [boo#1000711]

- CVE-2016-6823 [boo#1001066]

- CVE-2016-7101 [boo#1001221]

- do not divide by zero in WriteTIFFImage [boo#1002206]

- fix buffer overflow [boo#1002209]

- CVE-2016-7800 [boo#1002422]

- CVE-2016-7996, CVE-2016-7997 [boo#1003629]

Solution

Update the affected GraphicsMagick packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1000399

https://bugzilla.opensuse.org/show_bug.cgi?id=1000434

https://bugzilla.opensuse.org/show_bug.cgi?id=1000689

https://bugzilla.opensuse.org/show_bug.cgi?id=1000693

https://bugzilla.opensuse.org/show_bug.cgi?id=1000695

https://bugzilla.opensuse.org/show_bug.cgi?id=1000698

https://bugzilla.opensuse.org/show_bug.cgi?id=1000700

https://bugzilla.opensuse.org/show_bug.cgi?id=1000704

https://bugzilla.opensuse.org/show_bug.cgi?id=1000707

https://bugzilla.opensuse.org/show_bug.cgi?id=1000711

https://bugzilla.opensuse.org/show_bug.cgi?id=1001066

https://bugzilla.opensuse.org/show_bug.cgi?id=1001221

https://bugzilla.opensuse.org/show_bug.cgi?id=1002206

https://bugzilla.opensuse.org/show_bug.cgi?id=1002209

https://bugzilla.opensuse.org/show_bug.cgi?id=1002422

https://bugzilla.opensuse.org/show_bug.cgi?id=1003629

https://bugzilla.opensuse.org/show_bug.cgi?id=1005123

https://bugzilla.opensuse.org/show_bug.cgi?id=1005125

https://bugzilla.opensuse.org/show_bug.cgi?id=1005127

https://bugzilla.opensuse.org/show_bug.cgi?id=999673

Plugin Details

Severity: Critical

ID: 94304

File Name: openSUSE-2016-1229.nasl

Version: 2.9

Type: local

Agent: unix

Published: 10/27/2016

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:2.3:o:novell:opensuse:42.1:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:graphicsmagick:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:graphicsmagick-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:graphicsmagick-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:graphicsmagick-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagick-q16-3:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagick-q16-3-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagick3-config:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagickwand-q16-2:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagickwand-q16-2-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:perl-graphicsmagick:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:perl-graphicsmagick-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagick\+\+-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagick\+\+-q16-11:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libgraphicsmagick\+\+-q16-11-debuginfo:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 10/26/2016

Reference Information

CVE: CVE-2016-6823, CVE-2016-7101, CVE-2016-7515, CVE-2016-7517, CVE-2016-7519, CVE-2016-7522, CVE-2016-7524, CVE-2016-7528, CVE-2016-7529, CVE-2016-7531, CVE-2016-7533, CVE-2016-7537, CVE-2016-7800, CVE-2016-7996, CVE-2016-7997, CVE-2016-8682, CVE-2016-8683, CVE-2016-8684, CVE-2016-5688, CVE-2016-7446, CVE-2016-7447, CVE-2016-7448, CVE-2016-7449