========================================================================== Ubuntu Security Notice USN-5855-4 April 17, 2023 imagemagick vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in ImageMagick. Software Description: - imagemagick: Image manipulation programs and library Details: USN-5855-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: imagemagick 8:6.8.9.9-7ubuntu5.16+esm7 imagemagick-6.q16 8:6.8.9.9-7ubuntu5.16+esm7 libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.16+esm7 libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm7 libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu5.16+esm7 Ubuntu 14.04 ESM: imagemagick 8:6.7.7.10-6ubuntu3.13+esm5 libmagick++5 8:6.7.7.10-6ubuntu3.13+esm5 libmagickcore5 8:6.7.7.10-6ubuntu3.13+esm5 libmagickcore5-extra 8:6.7.7.10-6ubuntu3.13+esm5 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5855-4 https://ubuntu.com/security/notices/USN-5855-1 CVE-2022-44267, CVE-2022-44268
Ubuntu 5855-4: ImageMagick vulnerabilities
April 17, 2023
Several security issues were fixed in ImageMagick.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in ImageMagick. Software Description: - imagemagick: Image manipulation programs and library Details: USN-5855-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: imagemagick 8:6.8.9.9-7ubuntu5.16+esm7 imagemagick-6.q16 8:6.8.9.9-7ubuntu5.16+esm7 libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.16+esm7 libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm7 libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu5.16+esm7 Ubuntu 14.04 ESM: imagemagick 8:6.7.7.10-6ubuntu3.13+esm5 libmagick++5 8:6.7.7.10-6ubuntu3.13+esm5 libmagickcore5 8:6.7.7.10-6ubuntu3.13+esm5 libmagickcore5-extra 8:6.7.7.10-6ubuntu3.13+esm5 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-5855-4
https://ubuntu.com/security/notices/USN-5855-1
CVE-2022-44267, CVE-2022-44268
Severity
Package Information
News
HOWTOs
About Us
Powered By
