Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in imagemagick
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in imagemagick
ID: DSA-4712-1
Distribution: Debian
Plattformen: Debian buster
Datum: Di, 30. Juni 2020, 23:36
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300
Applikationen: ImageMagick

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4712-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 30, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : imagemagick
CVE ID : CVE-2019-7175 CVE-2019-7395 CVE-2019-7396 CVE-2019-7397
CVE-2019-7398 CVE-2019-10649 CVE-2019-11470 CVE-2019-11472
CVE-2019-11597 CVE-2019-11598 CVE-2019-12974 CVE-2019-12975
CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979
CVE-2019-13135 CVE-2019-13137 CVE-2019-13295 CVE-2019-13297
CVE-2019-13300 CVE-2019-13301 CVE-2019-13304 CVE-2019-13305
CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13311
CVE-2019-13454 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140
CVE-2019-16708 CVE-2019-16710 CVE-2019-16711 CVE-2019-16713
CVE-2019-19948 CVE-2019-19949

This update fixes multiple vulnerabilities in Imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service, memory disclosure or potentially the
execution of arbitrary code if malformed image files are processed.

For the stable distribution (buster), these problems have been fixed in
version 8:6.9.10.23+dfsg-2.1+deb10u1.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl77hl8ACgkQEMKTtsN8
TjbwshAAp1/JOlprOZfp6+HCFH4cYbIOGwnDlZVn/tIS4KUZCyD0hHpOXzdohze9
ZyLHYw1uym5+Rile6M8tDAFjkwH/ePvsXi5NDJVgNM9MFZWcP+6Ai/3yCe8ZlaHS
Ji652NRQJG3PVwJp3rMVeKJsP0s7JCXxnHQC/5q9vmOLmuKDmLHbl6IMFLmkk3Ey
5IIeyjefq9Kg5CGKh0fFMm1irrUtdVoye+n3M+dPIob6aEq/spdD1iSR7Il5w6Mp
JDB9iqzGnV8gDPWwD6admujoku7kjn6Vorg9Ov/u/1cS0OFCFXXZtoWP3TSHISqH
tAnlnixHuHS7iV6DdDnzkbqJsA8GfsYskcrQ9sD8z2FueEDRchB++suKnayxNtSn
cndJPkbT8CxRdOBgEE+QJNuSsrxAM5aSEdEcQal4FgYP8WLWhsOPu3JAU1+8YLFW
PK7UMuWMh0B/scC79e3rhwrg8DvU0yFpxdRkDcznpz5NJ2hYBdcNXpnKaTOQNNgP
JfNgsn+0t7Yc2XA4Q6jmHJNOKOM4LMiOVI1LRe/6RuGNx94XJMeYw2MOmybM7xbo
s4KtXMXUUL8A0JLLHPHRUu09nerEoTXwDuJ+6lS82vEMT+XpWejcZRcw0RA5Rsud
Q4cHKw+PdAVHN32b8DfQ2uNVgZ9SZcNq24BrqCyihfNLdSxYSYg=
=dz+2
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung