Univention Bugzilla – Bug 48133
imagemagick: Multiple issues (4.2)
Last modified: 2018-11-14 14:59:01 CET
New Debian imagemagick 8:6.8.9.9-5+deb8u15 fixes: This update addresses the following issue: * heap-based buffer over-read in the EncodeImage function of coders/pict.c (CVE-2018-18025)
--- mirror/ftp/4.2/unmaintained/component/4.2-5-errata/source/imagemagick_6.8.9.9-5+deb8u14.dsc +++ apt/ucs_4.2-0-errata4.2-5/source/imagemagick_6.8.9.9-5+deb8u15.dsc @@ -1,3 +1,10 @@ +8:6.8.9.9-5+deb8u15 [Sun, 11 Nov 2018 17:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2018-18025 + Fix for heap-based buffer over-read which can result in a denial of + service via a crafted file. + 8:6.8.9.9-5+deb8u14 [Wed, 03 Oct 2018 08:08:36 -0400] Roberto C. Sanchez <roberto@debian.org>: * Non-maintainer upload. <http://10.200.17.11/4.2-5/#745573269298572159>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.2-5] 67afd510a1 Bug #48133: imagemagick 8:6.8.9.9-5+deb8u15 doc/errata/staging/imagemagick.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<http://errata.software-univention.de/ucs/4.2/545.html>