Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2016:1326-1

Опубликовано: 18 мая 2016
Источник: suse-cvrf

Описание

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues:

Security issues fixed:

  • Multiple security issues in GraphicsMagick/ImageMagick [boo#978061] (CVE-2016-3714, CVE-2016-3718, CVE-2016-3715, CVE-2016-3717)

Список пакетов

openSUSE Leap 42.1
GraphicsMagick-1.3.21-5.1
GraphicsMagick-devel-1.3.21-5.1
libGraphicsMagick++-Q16-11-1.3.21-5.1
libGraphicsMagick++-devel-1.3.21-5.1
libGraphicsMagick-Q16-3-1.3.21-5.1
libGraphicsMagick3-config-1.3.21-5.1
libGraphicsMagickWand-Q16-2-1.3.21-5.1
perl-GraphicsMagick-1.3.21-5.1

Ссылки

Описание

The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."

Затронутые продукты
openSUSE Leap 42.1:GraphicsMagick-1.3.21-5.1
openSUSE Leap 42.1:GraphicsMagick-devel-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-Q16-11-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-devel-1.3.21-5.1
Ссылки

Описание

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

Затронутые продукты
openSUSE Leap 42.1:GraphicsMagick-1.3.21-5.1
openSUSE Leap 42.1:GraphicsMagick-devel-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-Q16-11-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-devel-1.3.21-5.1
Ссылки

Описание

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

Затронутые продукты
openSUSE Leap 42.1:GraphicsMagick-1.3.21-5.1
openSUSE Leap 42.1:GraphicsMagick-devel-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-Q16-11-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-devel-1.3.21-5.1
Ссылки

Описание

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

Затронутые продукты
openSUSE Leap 42.1:GraphicsMagick-1.3.21-5.1
openSUSE Leap 42.1:GraphicsMagick-devel-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-Q16-11-1.3.21-5.1
openSUSE Leap 42.1:libGraphicsMagick++-devel-1.3.21-5.1
Ссылки
Уязвимость openSUSE-SU-2016:1326-1