SUSE-SU-2025:02511-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-202502511-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:02511-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:02511-1
- Upstream
- Related
- Published
- 2025-07-24T09:10:14Z
- Modified
- 2025-07-25T20:48:08.511819Z
- Summary
- Security update for ImageMagick
- Details
-
This update for ImageMagick fixes the following issues:
- CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access (bsc#1246530)
- CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop (bsc#1246531)
- CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak (bsc#1246534)
- CVE-2025-53101: Fixed input manipulation may lead to an out-of-bound write (bsc#1246529)
Changed policies:
* allow ImageMagick to read it's own files again (bsc#1246065) - References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-202502511-1/
- https://bugzilla.suse.com/1246065
- https://bugzilla.suse.com/1246529
- https://bugzilla.suse.com/1246530
- https://bugzilla.suse.com/1246531
- https://bugzilla.suse.com/1246534
- https://www.suse.com/security/cve/CVE-2025-53014
- https://www.suse.com/security/cve/CVE-2025-53015
- https://www.suse.com/security/cve/CVE-2025-53019
- https://www.suse.com/security/cve/CVE-2025-53101
Affected packages
SUSE:Linux Enterprise Module for Desktop Applications 15 SP6 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.1.1.21-150600.3.13.1
Ecosystem specific
{
"binaries": [
{
"libMagickCore-7_Q16HDRI10": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-open": "7.1.1.21-150600.3.13.1",
"libMagickWand-7_Q16HDRI10": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-SUSE": "7.1.1.21-150600.3.13.1",
"ImageMagick-devel": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-secure": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-websafe": "7.1.1.21-150600.3.13.1",
"libMagick++-7_Q16HDRI5": "7.1.1.21-150600.3.13.1",
"ImageMagick": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-limited": "7.1.1.21-150600.3.13.1",
"libMagick++-devel": "7.1.1.21-150600.3.13.1"
}
]
}
SUSE:Linux Enterprise Module for Development Tools 15 SP6 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6
openSUSE:Leap 15.6 / ImageMagick
Package
- Name
- ImageMagick
- Purl
- pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.1.1.21-150600.3.13.1
Ecosystem specific
{
"binaries": [
{
"libMagickWand-7_Q16HDRI10": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-SUSE": "7.1.1.21-150600.3.13.1",
"libMagickWand-7_Q16HDRI10-32bit": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-secure": "7.1.1.21-150600.3.13.1",
"ImageMagick-extra": "7.1.1.21-150600.3.13.1",
"libMagickCore-7_Q16HDRI10-32bit": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-limited": "7.1.1.21-150600.3.13.1",
"libMagick++-7_Q16HDRI5-32bit": "7.1.1.21-150600.3.13.1",
"libMagick++-devel": "7.1.1.21-150600.3.13.1",
"libMagick++-devel-32bit": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-open": "7.1.1.21-150600.3.13.1",
"libMagickCore-7_Q16HDRI10": "7.1.1.21-150600.3.13.1",
"ImageMagick-doc": "7.1.1.21-150600.3.13.1",
"ImageMagick-devel": "7.1.1.21-150600.3.13.1",
"ImageMagick-config-7-upstream-websafe": "7.1.1.21-150600.3.13.1",
"ImageMagick-devel-32bit": "7.1.1.21-150600.3.13.1",
"libMagick++-7_Q16HDRI5": "7.1.1.21-150600.3.13.1",
"ImageMagick": "7.1.1.21-150600.3.13.1",
"perl-PerlMagick": "7.1.1.21-150600.3.13.1"
}
]
}