Ops One AG

You can subscribe via RSS

Tuesday 16th January 2018

Managed Server Version 4: graphicsmagick and libgraphicsmagick3 update, scheduled 2 years ago

Package: graphicsmagick
Version: 1.3.16-1.1+deb7u17
CVE ID: CVE-2018-5685
Debian Bug: 887158

  • libgraphicsmagick3 1.3.16-1.1+deb7u16 was updated to version libgraphicsmagick3_1.3.16-1.1+deb7u17_amd64.deb.
  • graphicsmagick 1.3.16-1.1+deb7u16 was updated to version graphicsmagick_1.3.16-1.1+deb7u17_amd64.deb.
A vulnerability has been discovered in GraphicsMagick, a collection of
image processing tools, which may result in a denial of service.

    An infinite loop and application hang has been discovered in the
    ReadBMPImage function (coders/bmp.c). Remote attackers could
    leverage this vulnerability to cause a denial of service via an
    image file with a crafted bit-field mask value.