Package : imagemagick Version : 8:6.7.7.10-5+deb7u18 CVE ID : CVE-2017-15277 CVE-2017-15281 Debian Bug : 878578 878579
This update fixes two vulnerabilities in ImageMagick: CVE-2017-15277 An uninitialized data structure could lead to information disclosure when reading a specially crafted GIF file. CVE-2017-15281 An uninitialized value used in a conditional jump could cause a denial of service (application crash) or other unspecified impacts when reading a specially crafted PSD file. For Debian 7 "Wheezy", these problems have been fixed in version 8:6.7.7.10-5+deb7u18. We recommend that you upgrade your imagemagick packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
signature.asc
Description: Digital signature