[ubuntu/precise-security] imagemagick 8:6.6.9.7-5ubuntu3.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Jun 2 12:53:11 UTC 2016
imagemagick (8:6.6.9.7-5ubuntu3.4) precise-security; urgency=medium
* SECURITY UPDATE: ImageTragick remote code execution
- d/p/0076-Disable-EPHEMERAL-URL-HTTPS-MVG-MSL-TEXT-SHOW-WIN-and-PLT-coders.patch
- d/p/0077-Remove-PLT-Gnuplot-decoder.patch
- d/p/0078-Sanitize-input-filename-for-http-and-https-delegates.patch
- d/p/0079-Indirect-filename-must-be-authorized-by-policy.patch
- d/p/0080-Prevent-indirect-reads-with-label-at.patch
- d/p/0081-Less-secure-coders-require-explicit-reference.patch
- CVE-2016-3714
- CVE-2016-3715
- CVE-2016-3716
- CVE-2016-3717
- CVE-2016-3718
* SECURITY UPDATE: popen() shell vulnerability
- d/p/0082-Disable-MAGICKCORE_HAVE_POPEN.patch
- CVE-2016-5118
Date: 2016-06-01 18:44:17.184155+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/imagemagick/8:6.6.9.7-5ubuntu3.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list