[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1282-1] graphicsmagick security update



Package        : graphicsmagick
Version        : 1.3.16-1.1+deb7u18
CVE ID         : CVE-2018-6799


A denial of service vulnerability has been discovered in graphicsmagick,
 a collection of image processing tools and associated libraries.

A specially crafted file can be used to produce a denial of service
(heap overwrite) or possible other unspecified impact by exploiting a
defect related to unused pixel staging area in the AcquireCacheNexus
function in magick/pixel_cache.c.

For Debian 7 "Wheezy", these problems have been fixed in version
1.3.16-1.1+deb7u18.

We recommend that you upgrade your graphicsmagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: PGP signature


Reply to: