Fedora 26: php-horde-Horde-Image Security Update 2017-28387b61fd
Summary
An Image utility API, with backends for:
* GD
* GIF
* PNG
* SVG
* SWF
* ImageMagick convert command line tool
* Imagick Extension
Optional dependency: php-pecl-imagick
**Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command
injections. ---- **Horde_Image 2.5.0** * [mjr] **SECURITY**: Prevent DOS
attack by preventing an infinite loop in certain conditions (CVE-2017-9773,
reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by
properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi
Vidyan). * [jan] Add blur effect.
su -c 'dnf upgrade php-horde-Horde-Image' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-28387b61fd 2017-07-11 18:55:55.742301 Product : Fedora 26 Version : 2.5.1 Release : 1.fc26 URL : http://pear.horde.org Summary : Horde Image API Description : An Image utility API, with backends for: * GD * GIF * PNG * SVG * SWF * ImageMagick convert command line tool * Imagick Extension Optional dependency: php-pecl-imagick **Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command injections. ---- **Horde_Image 2.5.0** * [mjr] **SECURITY**: Prevent DOS attack by preventing an infinite loop in certain conditions (CVE-2017-9773, reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi Vidyan). * [jan] Add blur effect. su -c 'dnf upgrade php-horde-Horde-Image' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References