Debian 8: DSA-3863-1 Moderate: Imagemagick Memory Flaws and DoS
debian
May 25, 2017
This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memo...
Topics Covered
Summary
This update fixes several vulnerabilities in imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service, memory disclosure or the execution of
arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV,
PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.
For the stable distribution (jessie), these problems have been fixed in
version 8:6.8.9.9-5+deb8u9.
For the upcoming stable distribution (stretch), these problems have been
fixed in version 8:6.9.7.4+dfsg-8.
For the unstable distribution (sid), these problems have been fixed in
version 8:6.9.7.4+dfsg-8.
We recommend that you upgrade your imagemagick packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Package: imagemagick
CVE ID: CVE-2017-7606 CVE-2017-7619 CVE-2017-7941 CVE-2017-7943
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!