logo
DATABASE RESOURCES PRICING ABOUT US

Updated imagemagick packages fix security vulnerabilities

Description

Updated imagemagick package fixes security vulnerabilities: The OpenBlob function in blob.c in ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename (CVE-2016-5118). Integer overflow in MagickCore/profile.c (CVE-2016-5841). Buffer overread in MagickCore/property.c (CVE-2016-5842). Also, several packages have been rebuilt to use the updated Magick++-6.Q16 library. These include converseen, cuneiform-linux, inkscape, k3d, kcm-grub2, kxstitch, performous, perl-Image-SubImageFind, pfstools, pstoedit, pythonmagick, synfig, vdr-plugin-skinelchi, and vdr-plugin-skinenigmang.


Affected Package


OS OS Version Package Name Package Version
Mageia 5 imagemagick 6.9.5.2-1
Mageia 5 converseen 0.8.3-3.1
Mageia 5 cuneiform-linux 1.1.0-6.1
Mageia 5 inkscape 0.91-1.1
Mageia 5 k3d 0.8.0.2-10.1
Mageia 5 kcm-grub2 0.5.8-12.2
Mageia 5 kxstitch 1.2.0-3.1
Mageia 5 performous 0.8.0-0.20141015.2.1
Mageia 5 perl-image-subimagefind 0.30.0-2.1
Mageia 5 pfstools 1.8.5-1.1
Mageia 5 pstoedit 3.62-5.1
Mageia 5 pythonmagick 0.9.12-1
Mageia 5 synfig 0.64.1-6.1
Mageia 5 vdr-plugin-skinelchi 0.2.8-6.1
Mageia 5 vdr-plugin-skinenigmang 0.1.2-8.1

Related