1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4576-1] php-imagick security update

    From Salvatore Bonaccorso@1:229/2 to All on Mon Nov 25 16:50:01 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4576-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : php-imagick
    CVE ID : CVE-2019-11037
    Debian Bug : 928420

    An out-of-bounds write vulnerability was discovered in php-imagick, a
    PHP extension to create and modify images using the ImageMagick API,
    which could result in denial of service, or potentially the execution of arbitrary code.

    For the oldstable distribution (stretch), this problem has been fixed
    in version 3.4.3~rc2-2+deb9u1.

    We recommend that you upgrade your php-imagick packages.

    For the detailed security status of php-imagick please refer to its
    security tracker page at: https://security-tracker.debian.org/tracker/php-imagick

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl3b9nVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RztQ//SBNrmvwjUaqVRqcVLBIZoZA+pQj8QrI/WBDJCYx0lLdTdKK18kdH4aRw e9IVnxIDrfv+aL5jBicCt5kFND0dTtAHzBIlg8BdG5BnpemM98zwkahIVMc35bP0 ZumS49335SsHzE+mfrdpzPpC8dNHMLuA80/acDWqmgF1tPhCJuOjtm+113poRpk1 E0vPkXzWS2mnItYBHqppmcVE0BtNqjzYlJU6td2WhfRzhHNB7yNiwt6QIA6rH3jn ApKHCIhHvUHdXJB+HIDm897DpOaemXfnuc3KNE5UlGXm/NO/uPWjjpH9wNZz6LBs jvJ2SG+9fFsVsOMXtNqUmgcUOJR5YCzmzGCJU0HAnMPkCaLEM/9eR7bEB1iQQ/ja DQE+PzGR7QTg6v6eYQGnUmjs5i29bYCdyFJGc/eV1XImQlUoaDK1gxEYajmV2KJa h2r7X2LOC1j7vUgl0eusgZLiYlxdqWiA4WXNoySZ+ghOeLoKQ79mv8XSjizgWS+T 7Yt5BvhDsFc7PwjtOMkELhKazL1wK6F4wTs/e0tvJTk9RGP6Ku7gNUT3QX/UvTaP wHux1seWhMpeo9aCj5tiFJ3pUamU9BMitiQ3mLLleufYDHGWohfpvw07E/fFvr9h Zm/ppFkMiztiKfLDq19fNGPb1HBYETWsgcLRfboFdtzbs+F50jE=
    =w6sZ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)