Mehrere Probleme in imagemagick
ID: | DSA-4316-1 |
Distribution: | Debian |
Plattformen: | Debian stretch |
Datum: | Sa, 13. Oktober 2018, 00:55 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642 |
Applikationen: | ImageMagick |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4316-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 12, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : imagemagick CVE ID : CVE-2018-16412 CVE-2018-16413 CVE-2018-16642 CVE-2018-16644 CVE-2018-16645 This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising have been found in the coders for BMP, DIB, PICT, DCM, CUT and PSD. For the stable distribution (stretch), these problems have been fixed in version 8:6.9.7.4+dfsg-11+deb9u6. We recommend that you upgrade your imagemagick packages. For the detailed security status of imagemagick please refer to its security tracker page at: https://security-tracker.debian.org/tracker/imagemagick Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvBBuEACgkQEMKTtsN8 TjZfXg/+LHxSz7Vm9pP1RtdT4HhcBoBr6uIDpAmhxfs65d9NgEiTAMbeTSK36Wpu XalpZuGqsBeLTksJUx3D7A7Spc+qxRkpWCSFHfy3bypricHZGq28g60X0t2EfTYk 4qkV/BJwZY5Mov3xuzLw4fRDIj4iRsZPj7woD6jbXsfIbFHNIisHEyUrI+/Ob2mg +4AQhqo2mbLRu3BRWJfYIBDvNe9kW+u2AlBA0o7tUssxxfURC//2D1zqFvTP40PK BR91PwAuHZtyk8jgnMYIRbCifvDUGD31HvzB9R+BBOgEc/7rLJY2yLe7e/c5U30R Cmh9TibMKsnuaidtIhiKqJxctxu4wf6Dt6VMhb60HDpnbQnqcRCP4LNsaBMBDdlY 03vLoy8WYH9o+2BxGoROTRSQJIpz/do4QoE8zh8R90vTLNXECXFlFkwwTcFLDMv5 X6V84UiN6WuN9/hK00XbMe8272fXk+ndC2wqkIpkj4oxKqQyO9Ztmzezf2MLlTpD aTe8QgJD+otyJ23hDKugaNivr+9VrgiFXm8iDSNl4n+BpRFC2fcMKL3pgeDNNgFp PIyDYv+tDLfBWie+7bjn27oQIdZcxd1IhGwfHjPDILQFuQYDB9ryLsfWvXaT9tDw NK26jD5aRuFhZFpEhPqp612VcD3ezNX4ZXlqtRbwVbcD3R7dimg= =Osgs -----END PGP SIGNATURE----- |