You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa imagemagick

Sigurnosni nedostaci programskog paketa imagemagick

==========================================================================
Ubuntu Security Notice USN-4549-1
September 28, 2020

imagemagick vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS

Summary:

ImageMagick could be made to crash if it opened a specially crafted
file.

Software Description:
– imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled certain specially
crafted image files. If a user or automated system using ImageMagick were
tricked into opening a specially crafted image, an attacker could exploit
this to cause a denial of service or other unspecified impact.
(CVE-2019-19948, CVE-2019-19949)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
imagemagick 8:6.9.10.23+dfsg-2.1ubuntu11.1
imagemagick-6.q16 8:6.9.10.23+dfsg-2.1ubuntu11.1
libmagick++-6.q16-8 8:6.9.10.23+dfsg-2.1ubuntu11.1
libmagickcore-6.q16-6 8:6.9.10.23+dfsg-2.1ubuntu11.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4549-1
CVE-2019-19948, CVE-2019-19949

Package Information:
https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.10.23+dfsg-2.1ubuntu11.1
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAl9yB8oACgkQkGeI6zGn
N//k8BAAhATEBJuMSs4i7nharaGew0FUdsiEJvWbj0X89nN9CMqmEIT1ky0fCVjX
iOfK2mme6zNyAA5CIwHuG21/gVFLmmhPDN3IgfIWtlN4JxzQRKQoZL3+JtotD1LN
daJe7aFhga5Zja6nEBVcjIQKGFkpr2Koqz2FM+phXy8i9CMsIM7N88r1uI3nB73K
lYUJoafhbx3xfnVlMRlWvexH4FnfK05QksuINi3g1x2n0vy/TMyI4QiTpoW5MigF
5RZVeSf6QWIEmakOH9F4LCHjwLIuKx8XFKnsIpoUlqGqmTtlJDKbvSO2U3/+MQVM
mKfYZ9aDOl3YglmWvR6urNCaZXXxnU7MmO9H0UObO++x/ldN9RZWjvqhyBeePuMg
zlNU98zcjJFo7D8Z0NdurEty1NtT6wOOl0KXllf1AV167k1F1Koz1jK5/nraSqns
03YPaEbIUIF10Y3tyPkPmTucsfsbLuXP0JQ1KaLs4rUG7u3Xoca07IDwtnSOiNTT
cGbyjyccnQUU8ALSUhPhkCcVCo0ruTtaOTxfy7bxyjD2et8kznvX6zY7W91R+dOp
6EXiVt3HdYZMFo5iPxfEYT34gx+fUfY42UqujVrC5fFe6HyX24Lbicvzm/nTg6kJ
NzRNixUQJ5ELUTgH9x1NgaDDHh4/O16dTLMKX8zhc7KtI1Elwjw=
=oj6P
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa sudo

Otkriveni su sigurnosni nedostaci u programskom paketu sudo za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close