Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Ubuntu 16.04 ESM USN-5534-1 High: ImageMagick DoS Threats

ubuntu
Calendar Grey July 26, 2022
Dist Ubuntu Esm H88
Uncover vulnerabilities addressed in ImageMagick via Ubuntu Security Notice USN-5534-1, impacting particular versions.
Several security issues were fixed in ImageMagick.

Summary

Several security issues were fixed in ImageMagick.

Software Description:

- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled certain values.

If a user were tricked into processing a specially crafted image file,

an attacker could possibly exploit this issue to cause a denial of

service or other unspecified impact. (CVE-2022-32545, CVE-2022-32546)

It was discovered that ImageMagick incorrectly handled memory under

certain circumstances. If a user were tricked into processing a

specially crafted image file, an attacker could possibly exploit this

issue to cause a denial of service or other unspecified impact.

(CVE-2022-32547)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   imagemagick                           8:6.8.9.9-7ubuntu5.16+esm4
   imagemagick-6.q16                 8:6.8.9.9-7ubuntu5.16+esm4
   libimage-magick-q16-perl        8:6.8.9.9-7ubuntu5.16+esm4
   libmagick++-6.q16-5v5            8:6.8.9.9-7ubuntu5.16+esm4
   libmagickcore-6-headers         8:6.8.9.9-7ubuntu5.16+esm4
   libmagickcore-6.q16-2             8:6.8.9.9-7ubuntu5.16+esm4
   libmagickcore-6.q16-2-extra    8:6.8.9.9-7ubuntu5.16+esm4
   libmagickwand-6.q16-2           8:6.8.9.9-7ubuntu5.16+esm4

In general, a standard system update will make all the necessary changes.

References

CVE-2022-32545, CVE-2022-32546, CVE-2022-32547

July 26, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.