Ubuntu 5855-1: ImageMagick vulnerabilities | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5855-1
February 09, 2023

imagemagick vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in ImageMagick.

Software Description:
- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled certain PNG images.
If a user or automated system were tricked into opening a specially crafted
PNG file, an attacker could use this issue to cause ImageMagick to stop
responding, resulting in a denial of service, or possibly obtain the
contents of arbitrary files by including them into images.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
   imagemagick                     8:6.9.7.4+dfsg-16ubuntu6.15
   imagemagick-6.q16               8:6.9.7.4+dfsg-16ubuntu6.15
   libmagick++-6.q16-7             8:6.9.7.4+dfsg-16ubuntu6.15
   libmagickcore-6.q16-3           8:6.9.7.4+dfsg-16ubuntu6.15
   libmagickcore-6.q16-3-extra     8:6.9.7.4+dfsg-16ubuntu6.15

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5855-1
   CVE-2022-44267, CVE-2022-44268

Package Information:
   https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu6.15

Ubuntu 5855-1: ImageMagick vulnerabilities

February 9, 2023
Several security issues were fixed in ImageMagick.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in ImageMagick. Software Description: - imagemagick: Image manipulation programs and library Details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: imagemagick 8:6.9.7.4+dfsg-16ubuntu6.15 imagemagick-6.q16 8:6.9.7.4+dfsg-16ubuntu6.15 libmagick++-6.q16-7 8:6.9.7.4+dfsg-16ubuntu6.15 libmagickcore-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.15 libmagickcore-6.q16-3-extra 8:6.9.7.4+dfsg-16ubuntu6.15 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5855-1

CVE-2022-44267, CVE-2022-44268

Severity
Ubuntu Security Notice USN-5855-1

Package Information

https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu6.15

Related News

Google Discloses CentOS Linux Kernel Vulnerabilities Following Failure to Issue Timely Fixes

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy