Описание
ELSA-2021-0024: ImageMagick security update (IMPORTANT)
[6.9.10.68-5]
- Adding CTV-2020-29599 fix
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ImageMagick
6.9.10.68-5.el7_9
ImageMagick-c++
6.9.10.68-5.el7_9
ImageMagick-c++-devel
6.9.10.68-5.el7_9
ImageMagick-devel
6.9.10.68-5.el7_9
ImageMagick-doc
6.9.10.68-5.el7_9
ImageMagick-perl
6.9.10.68-5.el7_9
Oracle Linux x86_64
ImageMagick
6.9.10.68-5.el7_9
ImageMagick-c++
6.9.10.68-5.el7_9
ImageMagick-c++-devel
6.9.10.68-5.el7_9
ImageMagick-devel
6.9.10.68-5.el7_9
ImageMagick-doc
6.9.10.68-5.el7_9
ImageMagick-perl
6.9.10.68-5.el7_9
Связанные CVE
Связанные уязвимости
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the - ...
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.