lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <E1fJijI-0005hK-Sq@seger.debian.org> Date: Fri, 18 May 2018 16:59:44 +0000 From: Sebastien Delafond <seb@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 4204-1] imagemagick security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4204-1 security@...ian.org https://www.debian.org/security/ Sebastien Delafond May 18, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : imagemagick CVE ID : CVE-2017-10995 CVE-2017-11533 CVE-2017-11535 CVE-2017-11639 CVE-2017-13143 CVE-2017-17504 CVE-2017-17879 CVE-2018-5248 Debian Bug : 867748 869827 869834 870012 870065 885125 885340 886588 This update fixes several vulnerabilities in imagemagick, a graphical software suite. Various memory handling problems or issues about incomplete input sanitizing would result in denial of service or memory disclosure. For the oldstable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u12. We recommend that you upgrade your imagemagick packages. For the detailed security status of imagemagick please refer to its security tracker page at: https://security-tracker.debian.org/tracker/imagemagick Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlr/BU8ACgkQEL6Jg/PV nWTEIQf/YirH/RXDrvF4CRNZS3jPHCaNEmxXvvgs1tGTs04fQMPNdrEP2gZFfUnk hu83t7GjUE+J1DAjjgtZQ9PQYPGhXidOaKHR6kTcUTENySl5V8PLkdF1EFK1M2Tn CAd1TH4L5Q/2SFZnfBsu3KzpYOHWHSYl5BlJwwDznruGt7yAhHIGHP/RLRnlxJCx uYUhM3PyU41CATeLCMX/owea3ND7Ro+ZpEKHy7KDcdx0WLx29yBU1wNN2+kxGsEc ScHWGMFUMmTVeKtpfGF1rw5+8r6wgKiQoEzBPgSiXYLIDptTBTiS1rrBoy6hysXv hi8jcwjII6qmrEqwTGjN1yMAnx/CWQ== =UKUX -----END PGP SIGNATURE-----
Powered by blists - more mailing lists