GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Jun 26, 2016 4:26 pm Post subject: [ GLSA 201606-14 ] ImageMagick |
|
|
Gentoo Linux Security Advisory
Title: ImageMagick: Multiple vulnerabilities (GLSA 201606-14)
Severity: normal
Exploitable: remote
Date: June 26, 2016
Bug(s): #534106, #562892
ID: 201606-14
Synopsis
Multiple vulnerabilities have been found in ImageMagick including
overflows and possible Denials of Service.
Background
Imagemagick is a collection of tools and libraries for many image
formats.
Affected Packages
Package: media-gfx/imagemagick
Vulnerable: < 6.9.0.3
Unaffected: >= 6.9.0.3
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in ImageMagick including,
but not limited to, various overflows and potential Denials of Service.
Please visit the references and related bug reports for additional
information.
Impact
Remote attackers could potentially perform buffer overflows or conduct
Denials of Service.
Workaround
There is no known workaround at this time.
Resolution
All ImageMagick users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.9.0.3"
|
References
Double free in coders/pict.c:2000
Double free in coders/tga.c:221
Imagemagick fuzzing bug
Integer and Buffer overflow in coders/icon.c
|
|