Past Incidents

Tuesday 16th January 2018

Managed Server Version 4: graphicsmagick and libgraphicsmagick3 update, scheduled 7 years ago

Package: graphicsmagick
Version: 1.3.16-1.1+deb7u17
CVE ID: CVE-2018-5685
Debian Bug: 887158

libgraphicsmagick3 1.3.16-1.1+deb7u16 was updated to version libgraphicsmagick3_1.3.16-1.1+deb7u17_amd64.deb.
graphicsmagick 1.3.16-1.1+deb7u16 was updated to version graphicsmagick_1.3.16-1.1+deb7u17_amd64.deb.

A vulnerability has been discovered in GraphicsMagick, a collection of
image processing tools, which may result in a denial of service.

CVE-2018-5685
    An infinite loop and application hang has been discovered in the
    ReadBMPImage function (coders/bmp.c). Remote attackers could
    leverage this vulnerability to cause a denial of service via an
    image file with a crafted bit-field mask value.

Managed Server Version 5: gdk-pixbuf update, scheduled 7 years ago

Package: gdk-pixbuf
CVE ID: CVE-2017-1000422

libgdk-pixbuf2.0-0 2.31.1-2+deb8u6 was updated to version 2.31.1-2+deb8u7.
libgdk-pixbuf2.0-common 2.31.1-2+deb8u6 was updated to version 2.31.1-2+deb8u7.

It was discovered that multiple integer overflows in the GIF image loader
in the GDK Pixbuf library may result in denial of service and potentially
the execution of arbitrary code if a malformed image file is opened.

Monday 15th January 2018

Managed Server Version 5: libxml2 update, scheduled 7 years ago

Package: libxml2
CVE ID: CVE-2017-15412
Debian Bug: 883790

libxml2 2.9.1+dfsg1-5+deb8u5 was updated to version 2.9.1+dfsg1-5+deb8u6.

Nick Wellnhofer discovered that certain function calls inside XPath
predicates can lead to use-after-free and double-free errors when
executed by libxml2's XPath engine via an XSLT transformation.

Sunday 14th January 2018

No incidents reported

Saturday 13th January 2018

No incidents reported

Friday 12th January 2018

No incidents reported

Thursday 11th January 2018

No incidents reported

Wednesday 10th January 2018

No incidents reported