Debian Security Advisory
DLA-1401-1 graphicsmagick -- LTS security update
- Date Reported:
- 27 Jun 2018
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 870149, Bug 870157, Bug 872574, Bug 873130, Bug 873129, Bug 873119, Bug 873099, Bug 881524.
In Mitre's CVE dictionary: CVE-2016-3716, CVE-2016-3717, CVE-2016-3718, CVE-2016-5241, CVE-2016-7446, CVE-2016-7447, CVE-2016-7448, CVE-2016-7449, CVE-2017-11636, CVE-2017-11643, CVE-2017-12937, CVE-2017-13063, CVE-2017-13064, CVE-2017-13065, CVE-2017-13134, CVE-2017-14314, CVE-2017-14733, CVE-2017-16353, CVE-2017-16669, CVE-2017-17498, CVE-2017-17500, CVE-2017-17501, CVE-2017-17502, CVE-2017-17503, CVE-2017-17782, CVE-2017-17912, CVE-2017-17915.
- More information:
Various security issues were discovered in Graphicsmagick, a collection of image processing tools. Heap-based buffer overflows or overreads may lead to a denial of service or disclosure of in-memory information or other unspecified impact by processing a malformed image file.
For Debian 8
Jessie, these problems have been fixed in version 1.3.20-3+deb8u3.
We recommend that you upgrade your graphicsmagick packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS