[SECURITY] [DLA 90-1] imagemagick security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 90-1] imagemagick security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 22 Nov 2014 22:56:15 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.02.1411222252270.6384@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : imagemagick
Version        : 8:6.6.0.4-3+squeeze5
CVE ID         : CVE-2014-8716
Debian Bug     : 768494

Some special crafted JPEG file could lead to dos due to missing check in
embeded EXIF properties (EXIF directory offsets must be greater than 0).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUcQZ/XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH++cQAJCjYK6LUBTAH8sTsL1v+1/l
RrTUyT15tP10ngr3YCkX8aa/4cYtsoRHSAe6pSuYOSmzrwQzenL+aE51YbGgrGAK
cL5MHTTzHK4u1qlaCI/ECABIrBKBGT7gf1NF6PF74+HSb4SasXJlmkgyXJPE93WG
uklQ620nht1GmW8CxqLk9XmyuMy5wP0vYKhV2qMryHo0rq7/kKzltGgSFI63tCFT
5M5EBi4CeGLZvpeF8Bj0rawIfUaTgbf20H+yrO+FYgWwP98BsTlvibFhB+GsEZQi
FwHxj9HjbgYaxTPM3+xm8liN0ZSE0Se+gT+Ebt3SEXQX52oV1SqqYaRkXFWXioCt
Ia7YsaptjuJzo9uvJbwA7hRansHn+4ERD/R9scSGWG1xtY5yudxT4sN+LXu5loHu
U7+va48ogh+nrDe2RAqKH+qodznLusUNh897e321VsLCJxJUYj6EbcB9oePC04vh
zWsumUf9HPDrfrBinhcO5tNjfolrYODzmYfR8Va05aIW5p1bAkJpSqXDTnl8b75t
lp7qox0TbaPftxShyDjzyVtTJAQWeOzqaWQQiESZX42Qy67W4FT+Io+kPq9vc3w2
FR4CupvdPRW9o8kghaIkaMVFBug16a5P92IAJO+IqVhjIhvJq/A1ek//8dcygPKG
0Vj+wHS72P/SrslsCQph
=+X0i
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 89-1] nss security update
Next by Date: [SECURITY] [DLA 91-1] tomcat6 security update
Previous by thread: [SECURITY] [DLA 89-1] nss security update
Next by thread: [SECURITY] [DLA 91-1] tomcat6 security update
Index(es):
- Date
- Thread