Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 37: 2023-8dd1a1a2e6 Critical: Rubygem-Rmagick Memory Leak

fedora
Calendar Grey November 9, 2023
Dist Fedora Esm H88
Python package Pillow has been revised to address significant memory allocation concerns. Safeguard your environments with this vital update to ensure stability.
A security flaw was found on rubygem-rmagick that Magick::Draw causes memleak

Summary

RMagick is an interface between Ruby and ImageMagick.

Update Information:

A security flaw was found on rubygem-rmagick that Magick::Draw causes memleak. This issue is assigned as CVE-2023-5349. This new rpm fixes this issue.

Topics%20covered

Topics Covered

security advisory update critical Fedora software fix memory leak rubygem-rmagick

Change Log

* Tue Oct 31 2023 Mamoru TASAKA - 5.2.0-2 - Backport upstream patch for Magick::Draw memleak (CVE-2023-5349)

References


[ 1 ] Bug #2247065 - CVE-2023-5349 rubygem-rmagick: Memory leak by Magick::Draw while calling GetDrawInfo() [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2247065

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-8dd1a1a2e6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: rubygem-rmagick
Product: Fedora 37
Version: 5.2.0
Release: 2.fc37
URL: https://github.com/rmagick/rmagick
Summary: Ruby binding to ImageMagick

Topics%20covered

Topics Covered

security advisory update critical Fedora software fix memory leak rubygem-rmagick

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here