Detections
Analytics

Debian DSA-3675-1 : imagemagick - security update

high Nessus Plugin ID 93693

Language:

Synopsis

The remote Debian host is missing a security-related update.

Description

This updates fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed.

Solution

Upgrade the imagemagick packages.

For the stable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u5.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836172

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836171

https://packages.debian.org/source/jessie/imagemagick

https://www.debian.org/security/2016/dsa-3675

Plugin Details

Severity: High

ID: 93693

File Name: debian_DSA-3675.nasl

Version: 2.8

Type: local

Agent: unix

Published: 9/26/2016

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:imagemagick, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 9/23/2016

Reference Information

DSA: 3675