Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[ GLSA 201711-07 ] ImageMagick
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2663
PostPosted: Sat Nov 11, 2017 3:26 pm    Post subject: [ GLSA 201711-07 ] ImageMagick Reply with quote
Gentoo Linux Security Advisory

Title: ImageMagick: Multiple vulnerabilities (GLSA 201711-07)
Severity: normal
Exploitable: remote
Date: 2017-11-11
Bug(s): #626454, #626906, #627036, #628192, #628490, #628646, #628650, #628700, #628702, #629354, #629482, #629576, #629932, #630256, #630458, #630674, #635200, #635664, #635666
ID: 201711-07

Synopsis

Multiple vulnerabilities have been found in ImageMagick, the worst
of which may allow remote attackers to cause a Denial of Service condition.


Background

A collection of tools and libraries for many image formats.

Affected Packages

Package: media-gfx/imagemagick
Vulnerable: < 6.9.9.20
Unaffected: >= 6.9.9.20
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in ImageMagick. Please
review the referenced CVE identifiers for details.


Impact

Remote attackers, by enticing a user to process a specially crafted
file, could obtain sensitive information, cause a Denial of Service
condition, or have other unspecified impacts.


Workaround

There is no known workaround at this time.

Resolution

All ImageMagick users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.9.9.20"
   


References


CVE-2017-11640


CVE-2017-11724


CVE-2017-12140


CVE-2017-12418


CVE-2017-12427


CVE-2017-12691


CVE-2017-12692


CVE-2017-12693


CVE-2017-12876


CVE-2017-12877


CVE-2017-12983


CVE-2017-13058


CVE-2017-13059


CVE-2017-13060


CVE-2017-13061


CVE-2017-13062


CVE-2017-13131


CVE-2017-13132


CVE-2017-13133


CVE-2017-13134


CVE-2017-13139


CVE-2017-13140


CVE-2017-13141


CVE-2017-13142


CVE-2017-13143


CVE-2017-13144


CVE-2017-13145


CVE-2017-13146


CVE-2017-13758


CVE-2017-13768


CVE-2017-13769


CVE-2017-14060


CVE-2017-14137


CVE-2017-14138


CVE-2017-14139


CVE-2017-14172


CVE-2017-14173


CVE-2017-14174


CVE-2017-14175


CVE-2017-14224


CVE-2017-14248


CVE-2017-14249


CVE-2017-15281


Last edited by GLSA on Mon Jan 15, 2018 4:16 am; edited 1 time in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy