[ubuntu/bionic-updates] imagemagick 8:6.9.7.4+dfsg-16ubuntu6.12 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Mon Nov 29 07:58:27 UTC 2021


imagemagick (8:6.9.7.4+dfsg-16ubuntu6.12) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple divide by zero issues in imagemagick allow a
    remote attacker to cause a denial of service via a crafted image file
    - debian/patches/CVE-2021-20244.patch: Avoid division by zero in
      magick/fx.c
    - debian/patches/CVE-2021-20309.patch: Avoid division by zero in
      magick/fx.c
    - debian/patches/CVE-2021-20246.patch: Avoid division by zero in
      magick/resample.c
    - CVE-2021-20244, CVE-2021-20309, CVE-2021-20246
  * SECURITY UPDATE: Integer overflow, divide by zero and memory leak in
    imagemagick allow a remote attacker to cause a denial of service or
    possible leak of cryptographic information via a crafted image file
    - debian/patches/CVE-2021-20312.patch: Avoid integer overflow in
      coders/thumbnail.c, division by zero in magick/colorspace.c and
      a potential cipher leak in magick/memory.c
    - CVE-2021-20312, CVE-2021-20313

Date: 2021-11-22 10:05:10.441777+00:00
Changed-By: Ray Veldkamp <ray.veldkamp at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu6.12
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list