Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Fedora 27 FEDORA-2017-1136e13b6a Moderate Command Injection Fix

fedora
Calendar Grey September 30, 2017
Dist Fedora Esm H88
Fedora 27 has released a security patch for Horde_Image, addressing vulnerabilities that allowed command injection while also improving the functionalities for image handling.
**Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command injections.

Summary

An Image utility API, with backends for:

* GD

* GIF

* PNG

* SVG

* SWF

* ImageMagick convert command line tool

* Imagick Extension

Optional dependency: php-pecl-imagick

**Horde_Image 2.5.1** * [mjr] SECURITY: Fix more potential places for command

injections.

su -c 'dnf upgrade php-horde-Horde-Image' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory moderate Fedora command injection Horde Image

Change Log

References

Update Instructions

Product: Fedora 27
Version: 2.5.2
Release: 1.fc27
URL: http://pear.horde.org
Summary: Horde Image API

Topics%20covered

Topics Covered

security advisory moderate Fedora command injection Horde Image

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here