Debian Security Advisory
DLA-90-1 imagemagick -- LTS security update
- Date Reported:
- 22 Nov 2014
- Affected Packages:
- imagemagick
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 768494.
In Mitre's CVE dictionary: CVE-2014-8716. - More information:
-
Some special crafted JPEG file could lead to dos due to missing check in embeded EXIF properties (EXIF directory offsets must be greater than 0).
For Debian 6
Squeeze
, these issues have been fixed in imagemagick version 8:6.6.0.4-3+squeeze5