View previous topic :: View next topic |
Author |
Message |
GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sat Nov 11, 2017 3:26 pm Post subject: [ GLSA 201711-07 ] ImageMagick |
|
|
Gentoo Linux Security Advisory
Title: ImageMagick: Multiple vulnerabilities (GLSA 201711-07)
Severity: normal
Exploitable: remote
Date: 2017-11-11
Bug(s): #626454, #626906, #627036, #628192, #628490, #628646, #628650, #628700, #628702, #629354, #629482, #629576, #629932, #630256, #630458, #630674, #635200, #635664, #635666
ID: 201711-07
Synopsis
Multiple vulnerabilities have been found in ImageMagick, the worst
of which may allow remote attackers to cause a Denial of Service condition.
Background
A collection of tools and libraries for many image formats.
Affected Packages
Package: media-gfx/imagemagick
Vulnerable: < 6.9.9.20
Unaffected: >= 6.9.9.20
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in ImageMagick. Please
review the referenced CVE identifiers for details.
Impact
Remote attackers, by enticing a user to process a specially crafted
file, could obtain sensitive information, cause a Denial of Service
condition, or have other unspecified impacts.
Workaround
There is no known workaround at this time.
Resolution
All ImageMagick users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.9.9.20"
|
References
CVE-2017-11640
CVE-2017-11724
CVE-2017-12140
CVE-2017-12418
CVE-2017-12427
CVE-2017-12691
CVE-2017-12692
CVE-2017-12693
CVE-2017-12876
CVE-2017-12877
CVE-2017-12983
CVE-2017-13058
CVE-2017-13059
CVE-2017-13060
CVE-2017-13061
CVE-2017-13062
CVE-2017-13131
CVE-2017-13132
CVE-2017-13133
CVE-2017-13134
CVE-2017-13139
CVE-2017-13140
CVE-2017-13141
CVE-2017-13142
CVE-2017-13143
CVE-2017-13144
CVE-2017-13145
CVE-2017-13146
CVE-2017-13758
CVE-2017-13768
CVE-2017-13769
CVE-2017-14060
CVE-2017-14137
CVE-2017-14138
CVE-2017-14139
CVE-2017-14172
CVE-2017-14173
CVE-2017-14174
CVE-2017-14175
CVE-2017-14224
CVE-2017-14248
CVE-2017-14249
CVE-2017-15281
Last edited by GLSA on Mon Jan 15, 2018 4:16 am; edited 1 time in total |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|