[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1227-1] imagemagick security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : imagemagick
Version        : 8:6.7.7.10-5+deb7u19
CVE ID         : CVE-2017-17504 CVE-2017-17682 CVE-2017-17879
                 CVE-2017-17914
Debian Bug     : 885340 885942 885125

Several security vulnerabilities were discovered in ImageMagick, an
image manipulation program, that allow remote attackers to cause a
denial of service (CPU exhaustion via an infinite loop), heap-based
buffer overreads or possibly other unspecified impact via a crafted
image file.

For Debian 7 "Wheezy", these problems have been fixed in version
8:6.7.7.10-5+deb7u19.

We recommend that you upgrade your imagemagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpKjQJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQbTQ/7Bj1vNxM45l4kUHSNkCGId5U7LiFMKWKdlH1Fx7dQw02Ss7GPTHduE6DE
MHvJ1ZUGGKwt/0GkHXUoAgl/nji1nIBoSOlrMxp83a8TvTWjE6sKD6avUioptuFT
+qpWnqtDF3YQQ5KjMWmzTKT/r+5Q6nqTaWAV3WsJY3+fS7nPzht2aR5OhLR2NDDN
M/0mDalNS2Kyenorl3M2juHrMMFRHv2JGKEAbZUDRnjcw4haYrNQKriRS9i9mqEy
x1Ju+yV9Rxf7JgHRb6nuZa868HEHTRqULlav/isOXDiAoGLv7vEvQ0jgkeW0PVr0
bB0q2p5ugw37OtMhvcxjoopWehwH50sCqony1zarUiP5Iyr5lwXC+RZ7E84f/iJK
2LNskZ+7AzbOiNxxuRMku1mU4W/mpY6EhZb2efcBU4TOCcd5mORdlNyz9F2Hhpo0
337XEG8mJBPYeR/WIebdmeVwEBo2Mc4iUqV4zllFhxSX1yHGhzu/zEJi+/WbsSgz
yjixpOZpO0m3mX8VTB68dgwnFf9qcF0qL48HhwlHGAykLVQwghPOrA3bNG/hDm0d
cAo/iAKEfzMEjsXn69qrclWuQqrYSS9gyOqGNVO7xBcj0R4zK+bbJMyuYnOegBG9
3a4/HCkMsICydlaDMESvnnqaOyFyZ0hUNST9/X6Xe3zD7jmVMis=
=2Jhw
-----END PGP SIGNATURE-----


Reply to: