GLSA-201606-14 : ImageMagick: Multiple vulnerabilities

medium Nessus Plugin ID 91845

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-201606-14 (ImageMagick: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in ImageMagick including, but not limited to, various overflows and potential Denials of Service.
Please visit the references and related bug reports for additional information.
Impact :

Remote attackers could potentially perform buffer overflows or conduct Denials of Service.
Workaround :

There is no known workaround at this time.

Solution

All ImageMagick users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/imagemagick-6.9.0.3'

See Also

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362

https://www.openwall.com/lists/oss-security/2014/12/24/1

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747

https://security.gentoo.org/glsa/201606-14

Plugin Details

Severity: Medium

ID: 91845

File Name: gentoo_GLSA-201606-14.nasl

Version: 2.3

Type: local

Published: 6/27/2016

Updated: 1/11/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:imagemagick, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 6/26/2016

Reference Information

GLSA: 201606-14