[SECURITY] [DLA 3625-1] ruby-rmagick security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3625-1] ruby-rmagick security update
From: roucaries.bastien@gmail.com
Date: Sun, 22 Oct 2023 12:21:43 +0000
Message-id: <[🔎] cba82608f9acdf13ed2f04ac91310038.no-reply@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3625-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien RoucariÃ¨s
October 22, 2023                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : ruby-rmagick
Version        : 2.16.0-6+deb10u1
CVE ID         : CVE-2023-5349

A memory leak was found in ruby-magick an interface between
Ruby and ImageMagick, that could lead to a Deny of Service
(DOS) by memory exhaustion.

For Debian 10 buster, this problem has been fixed in version
2.16.0-6+deb10u1.

We recommend that you upgrade your ruby-rmagick packages.

For the detailed security status of ruby-rmagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ruby-rmagick

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmU1E9cRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF928g/9En3B+YDwjIr21V+wMLqF8IBZJa5Ljdpt
21ake6SieVcUKV+4GBqsUcgSF3kNsyUHMPYsNnNuU8nyp4jLLyG/v0Jd4oFmQU2e
qiBhZCPXxpijtqddiZaJ+uvqNLVcGhkTa5Xnyv4FMZIva07GV5g/eSFU5C6IOkXH
hbm40W9knIG2LMVYGRSRcxH9kqSiXYifUQLGBPOulKfEjMYG8HzBbsktS4LGqBFO
JCSNTnyhQ2SKglKq4UN5XsXQ3jMlSyoZzYz9pNw6QhnI5/NKSapCJOP67P80Z0An
7tRbqhKMUoHN0BOA4Dgb1CNj3wRb1lKPGYEdhb3slnJiW0524FuCTkzd6c4Mmanz
dQHqGfUh+SOcEl6+gCUi3R0MZhVcUnj00BDbmXVeVQIfOt8E7g58bTvCEAPtIhqH
T35aiTzlJE53W49mrfqsUCJvcRDI4NMfy1O1QgL31D/GlZqymVVVSg+tbSGGHzkw
SrnL+QFBA/MZiZOEJ5wRTkjmqaGZ9mq9xfYoXlj5yb8SQEPUOfewsmw4EpZuQSch
Xt0VjtIRMTKNdK+3SWS8DHHC9oAZ48TsHFmcXaITXsD1vlfeaZpA4E95WrtM2sj9
mzSYBpTHHSdzinByopsJMGhHx0uVlcZTASk+veEU6zS9fxc+YFuduVxEcAZlzFRc
MAlb7df1o6U=
=XmGm
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3624-1] zookeeper security update
Next by Date: [SECURITY] [DLA 3626-1] krb5 security update
Previous by thread: [SECURITY] [DLA 3624-1] zookeeper security update
Next by thread: [SECURITY] [DLA 3626-1] krb5 security update
Index(es):
- Date
- Thread