Updated imagemagick packages fix security vulnerability
Publication date: 06 May 2023Modification date: 06 May 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-1906
Description
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. (CVE-2023-1906)
References
SRPMS
8/tainted
- imagemagick-7.1.0.62-1.1.mga8.tainted
8/core
- imagemagick-7.1.0.62-1.1.mga8