USN-5855-4

Source

https://ubuntu.com/security/notices/USN-5855-4

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5855-4.json

Related

Published

2023-04-17T11:55:50.407944Z

Modified

2023-04-17T11:55:50.407944Z

Summary

imagemagick vulnerabilities

Details

USN-5855-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.

References

Affected packages

Ubuntu:Pro:14.04:LTS / imagemagick

Package

Name: imagemagick

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

8:6.7.7.10-6ubuntu3.13+esm5

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libmagickcore5-extra": "8:6.7.7.10-6ubuntu3.13+esm5",
            "libmagickcore5": "8:6.7.7.10-6ubuntu3.13+esm5",
            "libmagickcore-dev": "8:6.7.7.10-6ubuntu3.13+esm5",
            "imagemagick-doc": "8:6.7.7.10-6ubuntu3.13+esm5",
            "libmagick++5": "8:6.7.7.10-6ubuntu3.13+esm5",
            "libmagick++-dev": "8:6.7.7.10-6ubuntu3.13+esm5",
            "perlmagick": "8:6.7.7.10-6ubuntu3.13+esm5",
            "imagemagick": "8:6.7.7.10-6ubuntu3.13+esm5",
            "libmagickwand5": "8:6.7.7.10-6ubuntu3.13+esm5",
            "libmagickwand-dev": "8:6.7.7.10-6ubuntu3.13+esm5",
            "imagemagick-common": "8:6.7.7.10-6ubuntu3.13+esm5"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / imagemagick

Package

Name: imagemagick

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

8:6.8.9.9-7ubuntu5.16+esm7

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libmagickcore-6.q16-2": "8:6.8.9.9-7ubuntu5.16+esm7",
            "imagemagick-common": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libimage-magick-q16-perl": "8:6.8.9.9-7ubuntu5.16+esm7",
            "imagemagick-doc": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagick++-6.q16-5v5": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagick++-dev": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickwand-6.q16-2": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libimage-magick-perl": "8:6.8.9.9-7ubuntu5.16+esm7",
            "imagemagick": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickwand-6.q16-dev": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickcore-6-arch-config": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickwand-dev": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickcore-6.q16-2-extra": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickcore-6.q16-dev": "8:6.8.9.9-7ubuntu5.16+esm7",
            "imagemagick-6.q16": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagick++-6.q16-dev": "8:6.8.9.9-7ubuntu5.16+esm7",
            "perlmagick": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickwand-6-headers": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickcore-6-headers": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagick++-6-headers": "8:6.8.9.9-7ubuntu5.16+esm7",
            "libmagickcore-dev": "8:6.8.9.9-7ubuntu5.16+esm7"
        }
    ]
}