Debian alert DLA-1045-1 (graphicsmagick) [LWN.net]


From:
    	       Markus Koschany <apo@debian.org> 
To:
    	       debian-lts-announce@lists.debian.org 
Subject:
    	       [SECURITY] [DLA 1045-1] graphicsmagick security update 
Date:
    	       Sun, 30 Jul 2017 18:22:23 +0200
Message-ID:
    	       <d956a1d0-44dd-ae54-941a-ba0c03bf1a67@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : graphicsmagick
Version        : 1.3.16-1.1+deb7u8
CVE ID         : CVE-2017-10799 CVE-2017-11102 CVE-2017-11140
                 CVE-2017-11403 CVE-2017-11636 CVE-2017-11637
                 CVE-2017-11638 CVE-2017-11641 CVE-2017-11642
                 CVE-2017-11643
Debian Bug     : 867077 867746 870149

Multiple security vulnerabilities, NULL pointer dereferences,
use-after-free and heap based overflows, were discovered in
graphicsmagick that can lead to denial of service by consuming all
available memory or segmentation faults.

For Debian 7 "Wheezy", these problems have been fixed in version
1.3.16-1.1+deb7u8.

We recommend that you upgrade your graphicsmagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAll+B75fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQnFBAApb73bWMOM0iagnY2UIC4Izs1nMoBkmqI29AagxVmIaZW4x4C09v1AoZ4
10YGLuFXWWrB6XL0OBt0mjyUFbg5DbhRzxj9P39B8cnhuA7PlKPAPjoT2KBICPFU
I50iHmxLT7ERlI6THfT/rB3OePZOfR2XnV2WVb0gbDLT0CzyNjRBV8rzN9Tsl3eC
zTwjadNpix845n27Dj9DpFfmKdsWshuDrJCK4npYXAk1FNVSCNj72RBPZDwgtgmz
NTxBW1Xdsvf+X/HHB/yF8XptPTnb3Jd+vSeG/TJL5dNXDjqbUxzUpfZ2DB4grNPQ
tPYp8Kp70OPHVxOWe2l1aNiKp3D8r3rcb9MMvng7H2BkiCr77JKOjvTIDSbsmTLu
L3wPod6kRy9Q6Z4FKeAyp/gI6Mfput55Kq5Zjw6RAt4V81Sz+CzVo4h4FwzREeTF
KZ7LjheIR5lPMOzipRln9GczAggI+DQ2RJsvaSqpuGhHJ8aq4c5aVDfJJ1wdWiZw
TB+nwZmyIDeT09zn9UevsC/bttys5BV/Qd60W7qNJEelX2H7nwhFy+irsb8Qs2MZ
qgrlrvtbyKEkQA4/22N3z/ruJYcOHvQBT2fbfJoP97SNsI5GPwUkNnh6wMc5gtoe
1fvZK+k2rbXsZk9564lIt50yR+3yfOF3sU+7QqvSZJEvqBRkyEM=
=Ln0W
-----END PGP SIGNATURE-----

From:		Markus Koschany <apo@debian.org>
To:		debian-lts-announce@lists.debian.org
Subject:		[SECURITY] [DLA 1045-1] graphicsmagick security update
Date:		Sun, 30 Jul 2017 18:22:23 +0200
Message-ID:		<d956a1d0-44dd-ae54-941a-ba0c03bf1a67@debian.org>