Debian alert DLA-1755-1 (graphicsmagick)
| From: | Markus Koschany <apo@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 1755-1] graphicsmagick security update | |
| Date: | Sun, 14 Apr 2019 00:13:02 +0200 | |
| Message-ID: | <b4a00f02-ff62-8dbc-0740-3981e7d82045@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : graphicsmagick Version : 1.3.20-3+deb8u6 CVE ID : CVE-2017-10799 CVE-2019-11006 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11010 Debian Bug : 927029 Several security vulnerabilities were discovered in Graphicsmagick, a collection of image processing tools. Heap-based buffer over-reads and a memory leak may lead to a denial-of-service or information disclosure. For Debian 8 "Jessie", these problems have been fixed in version 1.3.20-3+deb8u6. We recommend that you upgrade your graphicsmagick packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlyyXu5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQhag//WMr7/cNY2NvHlJuMni6GoCeFEAGgNX/RAuzhwg1nhsQoVKn/AnYYWLBs 2WM93lYyBZGiCT2D9q2VQ6ucf9ESP189je7IyYsRYkbCjLebxZJBRNbBpJ/8kaZl aEwmhgAbDSl2dZfLCtGeANhyfrlGqR6cJ08OXXNa1ZZ70UC+wygwFeNiex53d9iA xhYu1hmoAA9gpcu/c0bwrjXRykd2KZWQ/gupmkPTphVPA5I/9wv0UZrA5BgCI7sI YUvmgUFKyGRLPXS7OXuwm8fVZzfQre55pFH6IdiTiNvaWIB9vbpIkG9ofAUmNceM 11y/k8bLuoHn4dGwn4Y3PT6/3+fIwZjH8bDL8ljRDV51E705b6a0jymp9HbnN/D2 RNL2IlDQtOjurVH7jPRc5watjw+Qkeg5CkU/qRtWdjJom7Sp+9LGk7W5aFgxf7uN oSImhe309PeRn8kpLyTG90CKgcMmsmycOBbGKKRKro7fl2eZ6C40nHRg1dVWOGsO JgTH7dtJds4k64YPTbuBKrQqGmPDDE7KMcj5UDD/XEUwvyva0Ev5WlRHjByVDwTH L0jSG2O0T3P0XgGgANz3hKaMletKsstDE2/9M/Q4lTIoxqgFgV9ew6EW5ALQE3rP jXbtuPjrM6Ul697Vf6qqAd2nYGIdSW2TyhrzFRnQDxEKBNp20YI= =ud36 -----END PGP SIGNATURE-----