[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1139-1] imagemagick security update

Package        : imagemagick
Version        : 8:
CVE ID         : CVE-2017-15277 CVE-2017-15281
Debian Bug     : 878578 878579

This update fixes two vulnerabilities in ImageMagick:


    An uninitialized data structure could lead to information disclosure
    when reading a specially crafted GIF file.


    An uninitialized value used in a conditional jump could cause a
    denial of service (application crash) or other unspecified impacts
    when reading a specially crafted PSD file.

For Debian 7 "Wheezy", these problems have been fixed in version

We recommend that you upgrade your imagemagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: Digital signature

Reply to: