Debian 10261 Published by

An imagemagick security update has been released for Debian GNU/Linux 8 Extended LTS to address a potential denial-of-service issue.



ELA-419-1 imagemagick security update

Package imagemagick
Version 8:6.8.9.9-5+deb8u24
Related CVEs CVE-2021-20312

A flaw was found in ImageMagick, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. This could lead to a denial-of-service.

For Debian 8 jessie, these problems have been fixed in version 8:6.8.9.9-5+deb8u24.

We recommend that you upgrade your imagemagick packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-419-1 imagemagick security update