==========================================================================
Ubuntu Security Notice USN-4586-1
October 20, 2020
php-imagick vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
Summary:
PHP ImageMagick could be made to crash if it received specially crafted
input.
Software Description:
– php-imagick: PHP extension to create and modify images using the ImageMagick API
Details:
It was discovered that PHP ImageMagick extension didn’t check the address used
by an array. An attacker could use this issue to cause PHP ImageMagick to
crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
php-imagick 3.4.3~rc2-2ubuntu4.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4586-1
CVE-2019-11037
Package Information:
https://launchpad.net/ubuntu/+source/php-imagick/3.4.3~rc2-2ubuntu4.1
—–BEGIN PGP SIGNATURE—–
iQIzBAABCgAdFiEEkCdEQ5T6DutSveCybUp5kL3izGYFAl+PIS4ACgkQbUp5kL3i
zGbAaA/+OC46pMQ1XGmSZrlCdUGLmOxj+Xvcwcy1cuWhVj01l1Cv9OstFlfSoCSr
SDp2uEVg56xaMUl36di8MNEjqc00FIsSTm15fhxrlnc5Yl/hgX/Uicgvg1eDpai+
kNVwDkPwd0jjiRL9+ndG9Wx/5xS4noCjXnUKXqxkpwkOzCmCmgGSENM4Vn6QsqLe
56VsWuxE0tRfpVXmyFGAA6PFEtlkXzQgH5zrhWWCGNQ3Msis46tKLvGIFokyj95t
FrH3xl/xe520ovPD0XNPT7m0YHdBbTPajRJBBndxjZHkQSKt0oiePaASFH1FsiYE
+NOU2kJHSt/b9DYS3f9Wgid8S10GscR1wy64ggede/ukUZQKBwmRu/7eeQRJEdqY
+qbo08Zb1CfislQcZdfFYggC8kDb5JuuY72nBgi7MtwR8iExDzecbp99TW6w3GTT
5Jp7Q71L1jGgPKunEBJ3HBx3mxhxdS0JZOMqNPYn/no9pJwK8IYAgtpkoJk7VRvU
vk9NQJoo5zJC3dO9hQDkh+Nh+K/tKD0Pygth6deZMhTz9ofMmbdYUXwHT9FuuoeX
vk00dp5oHmkaZoTgVNWDZY6vIsoFDU+Ovqs4QqK2OwSMJApDC9rGtZkZ09RhJAwH
65oo3NHeJUU4xum7RD8kmRo3qGBowoEYN3nkvesS+FSPhZaw7e8=
=k4cJ
—–END PGP SIGNATURE—–
—