--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-28387b61fd
2017-07-11 18:55:55.742301
--------------------------------------------------------------------------------Name        : php-horde-Horde-Image
Product     : Fedora 26
Version     : 2.5.1
Release     : 1.fc26
URL         : http://pear.horde.org
Summary     : Horde Image API
Description :
An Image utility API, with backends for:
* GD
* GIF
* PNG
* SVG
* SWF
* ImageMagick convert command line tool
* Imagick Extension

Optional dependency: php-pecl-imagick

--------------------------------------------------------------------------------Update Information:

**Horde_Image 2.5.1**  * [mjr] SECURITY: Fix more potential places for command
injections.   ----  **Horde_Image 2.5.0**  * [mjr] **SECURITY**: Prevent DOS
attack by preventing an infinite loop in certain conditions (CVE-2017-9773,
reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by
properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi
Vidyan). * [jan] Add blur effect.
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php-horde-Horde-Image' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 26: php-horde-Horde-Image Security Update 2017-28387b61fd

July 11, 2017
**Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command injections

Summary

An Image utility API, with backends for:

* GD

* GIF

* PNG

* SVG

* SWF

* ImageMagick convert command line tool

* Imagick Extension

Optional dependency: php-pecl-imagick

**Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command

injections. ---- **Horde_Image 2.5.0** * [mjr] **SECURITY**: Prevent DOS

attack by preventing an infinite loop in certain conditions (CVE-2017-9773,

reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by

properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi

Vidyan). * [jan] Add blur effect.

su -c 'dnf upgrade php-horde-Horde-Image' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-28387b61fd 2017-07-11 18:55:55.742301 Product : Fedora 26 Version : 2.5.1 Release : 1.fc26 URL : http://pear.horde.org Summary : Horde Image API Description : An Image utility API, with backends for: * GD * GIF * PNG * SVG * SWF * ImageMagick convert command line tool * Imagick Extension Optional dependency: php-pecl-imagick **Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command injections. ---- **Horde_Image 2.5.0** * [mjr] **SECURITY**: Prevent DOS attack by preventing an infinite loop in certain conditions (CVE-2017-9773, reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi Vidyan). * [jan] Add blur effect. su -c 'dnf upgrade php-horde-Horde-Image' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 26
Version : 2.5.1
Release : 1.fc26
URL : http://pear.horde.org
Summary : Horde Image API

Related News

4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved