openSUSE-SU-2020:0014-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0014-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2020:0014-1
Related
Published
2020-01-13T15:17:00Z
Modified
2020-01-13T15:17:00Z
Summary
Security update for php7-imagick
Details

This update for php7-imagick fixes the following issues:

Upgrade to version 3.4.4:

Added:

  • function Imagick::optimizeImageTransparency()
  • METRICSTRUCTURALSIMILARITY_ERROR
  • METRICSTRUCTURALDISSIMILARITY_ERROR
  • COMPRESSION_ZSTD - https://github.com/facebook/zstd
  • COMPRESSION_WEBP
  • CHANNELCOMPOSITEMASK
  • FILTERCUBICSPLINE - 'Define the lobes with the -define filter:lobes={2,3,4} (reference https://imagemagick.org/discourse-server/viewtopic.php?f=2&t=32506).'
  • Imagick now explicitly conflicts with the Gmagick extension.

Fixes:

  • Correct version check to make RemoveAlphaChannel and FlattenAlphaChannel be available when using Imagick with ImageMagick version 6.7.8-x
  • Bug 77128 - Imagick::setImageInterpolateMethod() not available on Windows
  • Prevent memory leak when ImagickPixel::__construct called after object instantiation.
  • Prevent segfault when ImagickPixel internal constructor not called.
  • Imagick::setResourceLimit support for values larger than 2GB (2^31) on 32bit platforms.
  • Corrected memory overwrite in Imagick::colorDecisionListImage()
  • Bug 77791 - ImagickKernel::fromMatrix() out of bounds write. Fixes CVE-2019-11037, boo#1135418

The following functions have been deprecated:

  • ImagickDraw, matte
  • Imagick::averageimages
  • Imagick::colorfloodfillimage
  • Imagick::filter
  • Imagick::flattenimages
  • Imagick::getimageattribute
  • Imagick::getimagechannelextrema
  • Imagick::getimageclipmask
  • Imagick::getimageextrema
  • Imagick::getimageindex
  • Imagick::getimagematte
  • Imagick::getimagemattecolor
  • Imagick::getimagesize
  • Imagick::mapimage
  • Imagick::mattefloodfillimage
  • Imagick::medianfilterimage
  • Imagick::mosaicimages
  • Imagick::orderedposterizeimage
  • Imagick::paintfloodfillimage
  • Imagick::paintopaqueimage
  • Imagick::painttransparentimage
  • Imagick::radialblurimage
  • Imagick::recolorimage
  • Imagick::reducenoiseimage
  • Imagick::roundcornersimage
  • Imagick::roundcorners
  • Imagick::setimageattribute
  • Imagick::setimagebias
  • Imagick::setimageclipmask
  • Imagick::setimageindex
  • Imagick::setimagemattecolor
  • Imagick::setimagebiasquantum
  • Imagick::setimageopacity
  • Imagick::transformimage
References

Affected packages

SUSE:Package Hub 12 / php7-imagick

Package

Name
php7-imagick
Purl
pkg:rpm/suse/php7-imagick&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.4-bp151.2.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "php7-imagick": "3.4.4-bp151.2.3.1"
        }
    ]
}

SUSE:Package Hub 15 SP1 / php7-imagick

Package

Name
php7-imagick
Purl
pkg:rpm/suse/php7-imagick&distro=SUSE%20Package%20Hub%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.4-bp151.2.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "php7-imagick": "3.4.4-bp151.2.3.1"
        }
    ]
}

openSUSE:Leap 15.1 / php7-imagick

Package

Name
php7-imagick
Purl
pkg:rpm/opensuse/php7-imagick&distro=openSUSE%20Leap%2015.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.4-bp151.2.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "php7-imagick": "3.4.4-bp151.2.3.1"
        }
    ]
}