[SECURITY] [DLA 1231-1] graphicsmagick security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1231-1] graphicsmagick security update
From: Markus Koschany <apo@debian.org>
Date: Mon, 8 Jan 2018 14:31:31 +0100
Message-id: <[🔎] 5fddd0c5-1940-e076-dae5-875cb14d9089@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : graphicsmagick
Version        : 1.3.16-1.1+deb7u16
CVE ID         : CVE-2017-17498 CVE-2017-17500 CVE-2017-17501
                 CVE-2017-17502 CVE-2017-17503 CVE-2017-17782
                 CVE-2017-17912 CVE-2017-17915
Debian Bug     : 884905

The NSFocus Security Team discovered multiple security issues in
Graphicsmagick, a collection of image processing tools. Several
heap-based buffer over-reads may lead to a denial-of-service
(application crash) or possibly have other unspecified impact when
processing a crafted file.

For Debian 7 "Wheezy", these problems have been fixed in version
1.3.16-1.1+deb7u16.

We recommend that you upgrade your graphicsmagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpTcrJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTmThAAqvZL7E4WMdgaxF8EZqRNkCDKWiBu1oDFNihzxOc0bZQRF7f0MLUmpyl7
L9YnpQD9BqlpriiwMxPDvYjkAxVUcAfpj25d7/2HrfhCPgSWyUX0gI+CtPiptamP
TEL4c0DhWm+tIz1kwmaCw08jIcF63cyrvpaUGpgJALED6kjRpPc9IOBwk0z7OQJu
O7B3W++v5dsMuerut/0Mz/bRUx/tZKThQIZAXqZkdi+qKeSQu4DJFWP7H2rXWeF6
L+jGr0PUhrN1URbUszQg7tmPf9s7D+7mzZIvqxuwNGKmCSZcOn9DAGZV2O+iy3lX
vQQL/X7i1yGNv0PCK1QKRh4IyKVHHwfcj16pNGnb59DwSbIT6K3fRB8XewoeBsfu
rIvShtfKFKTeK49ytGA2pFUQ9ddfI5+CES+VPfF1nPLMO/mWduoI3by9z04mx0Cg
MMVp5kRTKdmu5S7cDpgkMVEfwh/FWmxIhtZgLmzYrH6IeIOTisJ5eZF5OQOFN6Bs
/UBCoEN+htOszxHSJwb7thh34a8p+BBDfSKueMyW3S2DmNv+C0jWgAliJhm/QgJN
w2kKP5MqJ6P3QJ6PZEc37AaybFmAN/IsVWa8jAkTzGbIh8Br298IO4Vhu5FV1VQc
n/oyugOJQn579nAo83SbE5XBaqY/N2BZanxhrTSQwew6sVXcUfE=
=I9tN
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1232-1] linux security update
Next by Date: [SECURITY] [DLA 1233-1] gifsicle security update
Previous by thread: [SECURITY] [DLA 1232-1] linux security update
Next by thread: [SECURITY] [DLA 1233-1] gifsicle security update
Index(es):
- Date
- Thread