[ubuntu/xenial-security] imagemagick 8:6.8.9.9-7ubuntu5.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Jun 2 12:53:16 UTC 2016
imagemagick (8:6.8.9.9-7ubuntu5.1) xenial-security; urgency=medium
* SECURITY UPDATE: ImageTragick remote code execution
- d/p/0076-Disable-EPHEMERAL-URL-HTTPS-MVG-MSL-TEXT-SHOW-WIN-and-PLT-coders.patch
- d/p/0077-Remove-PLT-Gnuplot-decoder.patch
- d/p/0078-Sanitize-input-filename-for-http-and-https-delegates.patch
- d/p/0079-Indirect-filename-must-be-authorized-by-policy.patch
- d/p/0080-Prevent-indirect-reads-with-label-at.patch
- d/p/0081-Less-secure-coders-require-explicit-reference.patch
- debian/rules: build with --with-rsvg.
- CVE-2016-3714
- CVE-2016-3715
- CVE-2016-3716
- CVE-2016-3717
- CVE-2016-3718
* SECURITY UPDATE: popen() shell vulnerability
- d/p/0082-Disable-MAGICKCORE_HAVE_POPEN.patch
- CVE-2016-5118
Date: 2016-06-01 18:53:13.181481+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/imagemagick/8:6.8.9.9-7ubuntu5.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list