[USN-4586-1] PHP ImageMagick vulnerability

Paulo Flabiano Smorigo pfsmorigo at canonical.com
Tue Oct 20 17:41:14 UTC 2020

Ubuntu Security Notice USN-4586-1
October 20, 2020

php-imagick vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS


PHP ImageMagick could be made to crash if it received specially crafted

Software Description:
- php-imagick: PHP extension to create and modify images using the ImageMagick API


It was discovered that PHP ImageMagick extension didn't check the address used
by an array. An attacker could use this issue to cause PHP ImageMagick to
crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  php-imagick                     3.4.3~rc2-2ubuntu4.1

In general, a standard system update will make all the necessary changes.


Package Information:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20201020/fd311756/attachment.sig>

More information about the ubuntu-security-announce mailing list