Debian Security Advisory
DLA-353-1 imagemagick -- LTS security update
- Date Reported:
- 27 Nov 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 806441.
- More information:
Submitting specially crafted icons (.ico) or .pict images to ImageMagick can trigger integer overflows that can lead to buffer overflows and memory allocations issues. Depending on the case, this can lead to a denial of service or possibly worse.
For Debian 6 Squeeze, those issues have been fixed in imagemagick 8:18.104.22.168-3+squeeze7. We recommend that you upgrade your packages.