Hash: SHA512 Package : graphicsmagick Version : 1.3.16-1.1+deb7u7 CVE ID : CVE-2017-9098 Debian Bug : 862967 Chris Evans discovered that graphicsmagick used uninitialized memory in the RLE decoder, allowing an remote attacker to leak sensitive information from process memory space. More information are available at: https://scarybeastsecurity.blogspot.de/2017/05/bleed-continues-18-byte-file-14k-bounty.html For Debian 7 "Wheezy", these problems have been fixed in version 1.3.16-1.1+deb7u7. We recommend that you upgrade your graphicsmagick packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Debian LTS: DLA-953-1: graphicsmagick security update
May 26, 2017
Chris Evans discovered that graphicsmagick used uninitialized memory in the RLE decoder, allowing an remote attacker to leak sensitive information from process memory space
Summary
Chris Evans discovered that graphicsmagick used uninitialized memory in the RLE decoder, allowing an remote attacker to leak sensitive information from process memory space. More information are available at: https://scarybeastsecurity.blogspot.de/2017/05/bleed-continues-18-byte-file-14k-bounty.html For Debian 7 "Wheezy", these problems have been fixed in version 1.3.16-1.1+deb7u7. We recommend that you upgrade your graphicsmagick packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Hash: SHA512 Version : 1.3.16-1.1+deb7u7
Severity
Package : graphicsmagick
CVE ID : CVE-2017-9098
Debian Bug : 862967
News
HOWTOs
About Us
Powered By
