{"affected":[{"ecosystem_specific":{"binaries":[{"ImageMagick":"6.4.3.6-7.37.1","ImageMagick-devel":"6.4.3.6-7.37.1","libMagick++-devel":"6.4.3.6-7.37.1","libMagick++1":"6.4.3.6-7.37.1","libMagickWand1":"6.4.3.6-7.37.1","libMagickWand1-32bit":"6.4.3.6-7.37.1","perl-PerlMagick":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 11 SP4","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Manager 2.1","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Manager%202.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 2.1","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Manager%20Proxy%202.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP2-LTSS","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3-LTSS","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3-TERADATA","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libMagickCore1":"6.4.3.6-7.37.1","libMagickCore1-32bit":"6.4.3.6-7.37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 11 SP4","name":"ImageMagick","purl":"pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.3.6-7.37.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ImageMagick fixes the following issues:\n\n- bsc#978061: A vulnerability in ImageMagick's 'https' module allowed users to\nexecute arbitrary shell commands on the host performing the image conversion.\nThe issue had the potential for remote command injection. This update mitigates\nthe vulnerability by disabling all access to the 'https' module in the\n'delegates.xml' config file. (CVE-2016-3714)\n","id":"SUSE-SU-2016:1301-1","modified":"2016-05-13T14:27:21Z","published":"2016-05-13T14:27:21Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20161301-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/978061"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-3714"}],"related":["CVE-2016-3714"],"summary":"Security update for ImageMagick","upstream":["CVE-2016-3714"]}