[SECURITY] [DLA 1229-1] imagemagick security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : imagemagick
Version : 8:6.7.7.10-5+deb7u20
CVE ID : CVE-2017-1000445, CVE-2017-1000476
Debian Bug : #886281
It was discovered that there were two vulnerabilities in the imagemagick
image manipulation program:
CVE-2017-1000445: A null pointer dereference in the MagickCore
component which could lead to denial of service.
CVE-2017-1000476: A potential denial of service attack via CPU
exhaustion.
For Debian 7 "Wheezy", this issue has been fixed in imagemagick version
8:6.7.7.10-5+deb7u20.
We recommend that you upgrade your imagemagick packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlpN/z0ACgkQHpU+J9Qx
HliM9RAApgqmgbleOFQTq67qwYNNsMclGYzpJJqDkt09C1Dr1CeCt4Q83USoVyXx
MkX/DU/hHCdTgF6u2aum6UO1Vi16Q7xlYVUK3bMXQtZSMnC4gydVd7RhJANYxRgj
zkIVwmAIN71PzrmaZspGAp+REIAQEtDP0o+Nq5P0h5qp+TZkaHBaCRRrzkzWkWX7
7alHVxg4vlZd51PQOQKuWrHMFJogt+PAW7DlyKhzdYWNFsRcaWmabtUvS1MaGdAa
e+e0VeLgVcuJYKxm00r2eOUIy3zr0Ep/Fyj/O+vJIg4/XZFSVlHhhxh70X0PGAsn
bavw6BPRWb+qOuQeuEAw1BD5+BjXhg3/z/cOKY+48KF2ap4fk1LBnjWwDi1eUjSd
2HQAjBJfMwKeT4PmBVKARiVYX6KlxE5ybqwmdcXlUl/la236O8EKidSDhFnhr1Ba
DTE2Nv9tyVHQTaJn2bT0Fsm7Z3GKQyPAp+mFhtdHaz23OXpvADdgmZ4OYTxgAak9
ji80dz8RO4Gy7yNqYXxM9fXXPx5VjCta869RWDYlsv7TX2qGtKVHicuFqMcfw9L0
C7dbLkcBiYMOCMeGOvIJtRWRynKSm0YAtAbOTX0y50K4OFXWREDnAd7AehhbouXI
MLD2d9iuDv4SMT2Ze12QfJRgIrGx+y3a7FYsD/HDr09HMUPRyhw=
=hpG7
-----END PGP SIGNATURE-----
Reply to: