Alerts This Week
Warning Icon 1 1,003
Alerts This Week
Warning Icon 1 1,003

Ubuntu 14.04 LTS USN-7053-1 critical: ImageMagick buffer overflow

ubuntu
Calendar Grey October 3, 2024
Dist Ubuntu Esm H88
Ubuntu 14.04 LTS has received vital security updates for ImageMagick. Address vulnerabilities to thwart possible exploitation and safeguard sensitive information.
Several security issues were fixed in ImageMagick.

Summary

Several security issues were fixed in ImageMagick.

Software Description:

- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled certain malformed

image files. If a user or automated system using ImageMagick were tricked

into opening a specially crafted image, an attacker could exploit this to

cause a denial of service or potentially leak sensitive information.

These vulnerabilities included heap and stack-based buffer overflows,

memory leaks, and improper handling of uninitialized values.

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow Ubuntu security issues image handling ImageMagick

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS
   imagemagick                     8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagick++-dev                 8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagick++5                    8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagickcore-dev               8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagickcore5                  8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagickcore5-extra            8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagickwand-dev               8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   libmagickwand5                  8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro
   perlmagick                      8:6.7.7.10-6ubuntu3.13+esm10
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7053-1

  CVE-2019-13135, CVE-2019-13295, CVE-2019-13297, CVE-2019-13300,

  CVE-2019-13301, CVE-2019-13304, CVE-2019-13305, CVE-2019-13306,

  CVE-2019-13307, CVE-2019-13309, CVE-2019-13310, CVE-2019-13311,

  CVE-2019-13454, CVE-2019-15139, CVE-2019-15140, CVE-2019-15141,

  CVE-2019-16708, CVE-2019-16709, CVE-2019-16710, CVE-2019-16711,

  CVE-2019-16712, CVE-2019-16713, CVE-2019-19948, CVE-2019-19949,

  CVE-2019-7175

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow Ubuntu security issues image handling ImageMagick

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here