Updated imagemagick packages fix security vulnerabilities
Publication date: 22 Nov 2014Modification date: 22 Nov 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-8354 , CVE-2014-8355 , CVE-2014-8562 , CVE-2014-8716
Description
ImageMagick is vulnerable to a denial of service due to out-of-bounds memory accesses in the resize code (CVE-2014-8354), PCX parser (CVE-2014-8355), DCM decoder (CVE-2014-8562), and JPEG decoder (CVE-2014-8716).
References
- https://bugs.mageia.org/show_bug.cgi?id=14526
- http://lists.opensuse.org/opensuse-updates/2014-11/msg00036.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8354
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8355
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8562
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716
SRPMS
3/core
- imagemagick-6.8.1.1-2.3.mga3
4/core
- imagemagick-6.8.7.0-2.3.mga4