Login
Newsletter
Werbung
Sicherheit: Denial of Service in ImageMagick
Aktuelle Meldungen Distributionen
Name: Denial of Service in ImageMagick
ID: USN-7440-1
Distribution: Ubuntu
Plattformen: Ubuntu 20.04 LTS
Datum: Mo, 21. April 2025, 22:12
Referenzen: https://www.cve.org/CVERecord?id=CVE-2023-34151
Applikationen: ImageMagick

Originalnachricht

 
==========================================================================
Ubuntu Security Notice USN-7440-1
April 16, 2025

imagemagick regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

USN-6200-2 introduced a regression in ImageMagick.

Software Description:
- imagemagick: Image manipulation programs and library

Details:

USN-6200-2 fixed a vulnerability in ImageMagick. It was discovered that the
fix for CVE-2023-34151 was incomplete. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that ImageMagick incorrectly handled memory under
 certain circumstances. If a user were tricked into opening a specially
 crafted image file, an attacker could possibly exploit this issue to
 cause a denial of service or other unspecified impact. (CVE-2023-34151)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  imagemagick                     8:6.9.10.23+dfsg-2.1ubuntu11.11
  imagemagick-6-common            8:6.9.10.23+dfsg-2.1ubuntu11.11
  imagemagick-6.q16               8:6.9.10.23+dfsg-2.1ubuntu11.11
  imagemagick-6.q16hdri           8:6.9.10.23+dfsg-2.1ubuntu11.11
  imagemagick-common              8:6.9.10.23+dfsg-2.1ubuntu11.11
  libmagick++-6.q16-8             8:6.9.10.23+dfsg-2.1ubuntu11.11
  libmagick++-6.q16hdri-8         8:6.9.10.23+dfsg-2.1ubuntu11.11
  libmagickcore-6.q16-6           8:6.9.10.23+dfsg-2.1ubuntu11.11
  libmagickcore-6.q16hdri-6       8:6.9.10.23+dfsg-2.1ubuntu11.11
  libmagickwand-6.q16-6           8:6.9.10.23+dfsg-2.1ubuntu11.11
  libmagickwand-6.q16hdri-6       8:6.9.10.23+dfsg-2.1ubuntu11.11

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7440-1
  CVE-2023-34151, https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/2106393

Package Information:
  https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.10.23+dfsg-2.1ubuntu11.11
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung