logo
DATABASE RESOURCES PRICING ABOUT US

Important: GraphicsMagick

Description

**Issue Overview:** It was discovered that GraphicsMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using GraphicsMagick or an unsuspecting user using the GraphicsMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5118) Vulnerabilities in GraphicsMagick's SVG processing code were discovered, resulting in memory corruption and, potentially, execution of arbitrary code, a denial of service, or an application crash. (CVE-2016-2317, CVE-2016-2318, CVE-2016-5118) **Affected Packages:** GraphicsMagick **Issue Correction:** Run _yum update GraphicsMagick_ to update your system. **New Packages:** i686:     GraphicsMagick-1.3.24-1.8.amzn1.i686     GraphicsMagick-c++-devel-1.3.24-1.8.amzn1.i686     GraphicsMagick-devel-1.3.24-1.8.amzn1.i686     GraphicsMagick-debuginfo-1.3.24-1.8.amzn1.i686     GraphicsMagick-perl-1.3.24-1.8.amzn1.i686     GraphicsMagick-c++-1.3.24-1.8.amzn1.i686 noarch:     GraphicsMagick-doc-1.3.24-1.8.amzn1.noarch src:     GraphicsMagick-1.3.24-1.8.amzn1.src x86_64:     GraphicsMagick-debuginfo-1.3.24-1.8.amzn1.x86_64     GraphicsMagick-1.3.24-1.8.amzn1.x86_64     GraphicsMagick-devel-1.3.24-1.8.amzn1.x86_64     GraphicsMagick-c++-1.3.24-1.8.amzn1.x86_64     GraphicsMagick-perl-1.3.24-1.8.amzn1.x86_64     GraphicsMagick-c++-devel-1.3.24-1.8.amzn1.x86_64


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 graphicsmagick 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-c++-devel 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-devel 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-debuginfo 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-perl 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-c++ 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-doc 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-debuginfo 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-devel 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-c++ 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-perl 1.3.24-1.8.amzn1
Amazon Linux 1 graphicsmagick-c++-devel 1.3.24-1.8.amzn1

Related