ELA-253-1 imagemagick security update

denial-of-service

2020-07-30
Packageimagemagick
Version8:6.8.9.9-5+deb8u20
Related CVEs CVE-2017-12805 CVE-2017-17681 CVE-2017-18252 CVE-2018-7443 CVE-2018-8804 CVE-2018-8960 CVE-2018-9133 CVE-2018-10177 CVE-2018-18024 CVE-2018-20467 CVE-2019-10131 CVE-2019-11472 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13300 CVE-2019-13307 CVE-2019-13454

Multiple security vulnerabilities were fixed in Imagemagick. Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service and memory or CPU exhaustion.

For Debian 8 jessie, these problems have been fixed in version 8:6.8.9.9-5+deb8u20.

We recommend that you upgrade your imagemagick packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/