[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1131-1] imagemagick security update



Package        : imagemagick
Version        : 8:6.7.7.10-5+deb7u17
CVE ID         : CVE-2017-12691 CVE-2017-12692 CVE-2017-12693 CVE-2017-12875 
                 CVE-2017-13758 CVE-2017-13768 CVE-2017-13769 CVE-2017-14060 
                 CVE-2017-14172 CVE-2017-14173 CVE-2017-14174 CVE-2017-14175 
                 CVE-2017-14224 CVE-2017-14249 CVE-2017-14341 CVE-2017-14400 
                 CVE-2017-14505 CVE-2017-14607 CVE-2017-14682 CVE-2017-14739 
                 CVE-2017-14741 CVE-2017-14989 CVE-2017-15016 CVE-2017-15017
Debian Bug     : 873871 875338 875339 875341 875352 875502 875503 875504
                 875506 876097 876099 876105 876488


This updates fixes numerous vulnerabilities in imagemagick: Various
memory handling problems and cases of missing or incomplete input
sanitising may result in denial of service, memory disclosure, or the
execution of arbitrary code if malformed XCF, VIFF, BMP, thumbnail, CUT,
PSD, TXT, XBM, PCX, MPC, WPG, TIFF, SVG, font, EMF, PNG, or other types
of files are processed.

For Debian 7 "Wheezy", these problems have been fixed in version
8:6.7.7.10-5+deb7u17.

We recommend that you upgrade your imagemagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: Digital signature


Reply to: