Security Information / 2018 / Security Information -- DSA-4204-1 imagemagick

Debian Security Advisory

DSA-4204-1 imagemagick -- security update

Date Reported:

18 May 2018

Affected Packages:

imagemagick

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 867748, Bug 869827, Bug 869834, Bug 870012, Bug 870065, Bug 885125, Bug 885340, Bug 886588.
In Mitre's CVE dictionary: CVE-2017-10995, CVE-2017-11533, CVE-2017-11535, CVE-2017-11639, CVE-2017-13143, CVE-2017-17504, CVE-2017-17879, CVE-2018-5248.

More information:

This update fixes several vulnerabilities in imagemagick, a graphical software suite. Various memory handling problems or issues about incomplete input sanitizing would result in denial of service or memory disclosure.

For the oldstable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u12.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to its security tracker page at: https://security-tracker.debian.org/tracker/imagemagick