SuSE Local Security Checks : openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2021:0377-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.853747

Category: SuSE Local Security Checks

Title: openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2021:0377-1)

Summary: The remote host is missing an update for the 'ImageMagick'; package(s) announced via the openSUSE-SU-2021:0377-1 advisory.

Description: Summary:
The remote host is missing an update for the 'ImageMagick'
package(s) announced via the openSUSE-SU-2021:0377-1 advisory.

Vulnerability Insight:
This update for ImageMagick fixes the following issues:

- CVE-2021-20241 [bsc#1182335]: Division by zero in WriteJP2Image() in
coders/jp2.c

- CVE-2021-20243 [bsc#1182336]: Division by zero in GetResizeFilterWeight
in MagickCore/resize.c

- CVE-2021-20244 [bsc#1182325]: Division by zero in ImplodeImage in
MagickCore/visual-effects.c

- CVE-2021-20246 [bsc#1182337]: Division by zero in ScaleResampleFilter in
MagickCore/resample.c

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Affected Software/OS:
'ImageMagick' package(s) on openSUSE Leap 15.2.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2021-20241
https://bugzilla.redhat.com/show_bug.cgi?id=1928952
https://github.com/ImageMagick/ImageMagick/pull/3177
https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html
https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-20243
https://bugzilla.redhat.com/show_bug.cgi?id=1928958
https://github.com/ImageMagick/ImageMagick/pull/3193
https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-20244
https://bugzilla.redhat.com/show_bug.cgi?id=1928959
https://github.com/ImageMagick/ImageMagick/pull/3194
Common Vulnerability Exposure (CVE) ID: CVE-2021-20246
https://bugzilla.redhat.com/show_bug.cgi?id=1928941

Copyright Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.853747
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2021:0377-1)
Summary:	The remote host is missing an update for the 'ImageMagick'; package(s) announced via the openSUSE-SU-2021:0377-1 advisory.
Description:	Summary: The remote host is missing an update for the 'ImageMagick' package(s) announced via the openSUSE-SU-2021:0377-1 advisory. Vulnerability Insight: This update for ImageMagick fixes the following issues: - CVE-2021-20241 [bsc#1182335]: Division by zero in WriteJP2Image() in coders/jp2.c - CVE-2021-20243 [bsc#1182336]: Division by zero in GetResizeFilterWeight in MagickCore/resize.c - CVE-2021-20244 [bsc#1182325]: Division by zero in ImplodeImage in MagickCore/visual-effects.c - CVE-2021-20246 [bsc#1182337]: Division by zero in ScaleResampleFilter in MagickCore/resample.c This update was imported from the SUSE:SLE-15-SP2:Update update project. Affected Software/OS: 'ImageMagick' package(s) on openSUSE Leap 15.2. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-20241 https://bugzilla.redhat.com/show_bug.cgi?id=1928952 https://github.com/ImageMagick/ImageMagick/pull/3177 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html Common Vulnerability Exposure (CVE) ID: CVE-2021-20243 https://bugzilla.redhat.com/show_bug.cgi?id=1928958 https://github.com/ImageMagick/ImageMagick/pull/3193 https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2021-20244 https://bugzilla.redhat.com/show_bug.cgi?id=1928959 https://github.com/ImageMagick/ImageMagick/pull/3194 Common Vulnerability Exposure (CVE) ID: CVE-2021-20246 https://bugzilla.redhat.com/show_bug.cgi?id=1928941
Copyright	Copyright (C) 2021 Greenbone Networks GmbH