Debian 10228 Published by

An imagemagick security update has been released for Debian GNU/Linux 8 Extended LTS to address multiple security vulnerabilities.



ELA-253-1 imagemagick security update

Package imagemagick
Version 8:6.8.9.9-5+deb8u20
Related CVE CVE-2017-12805 CVE-2017-17681 CVE-2017-18252 CVE-2018-7443 CVE-2018-8804 CVE-2018-8960 CVE-2018-9133 CVE-2018-10177 CVE-2018-18024 CVE-2018-20467 CVE-2019-10131 CVE-2019-11472 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13300 CVE-2019-13307 CVE-2019-13454

Multiple security vulnerabilities were fixed in Imagemagick. Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service and memory or CPU exhaustion.

For Debian 8 jessie, these problems have been fixed in version 8:6.8.9.9-5+deb8u20.

We recommend that you upgrade your imagemagick packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-253-1 imagemagick security update