USN-5855-3: ImageMagick regression
USN-5855-2 fixed vulnerabilities in ImageMagick. Unfortunately an additional
mitigation caused a regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that ImageMagick incorrectly handled certain PNG images.
If a user or automated system were tricked into opening a specially crafted
PNG file, an attacker could use this issue to cause ImageMagick to stop
responding, resulting in a denial of service, or possibly obtain the
contents of arbitrary files by including them into images.
Source: USN-5855-3: ImageMagick regression
Leave a Reply