Public bug reported:
I have a number of Ubuntu servers (24.04.2 LTS, in AWS) with ImageMagick
installed. They have the most recent version of ImageMagick and related
packages installed, according to a grep of `apt list --installed`:
`imagemagick/noble,now 8:6.9.12.98+dfsg1-5.2build2 amd64 [installed]`
`apt update` followed by `apt list --upgradable` confirms that there are
no newer versions available to me.
Assuming I'm reading the info in the "Code" tab of this site correctly,
that version hasn't been updated in ~18 months. In the intervening
period, a number of security issues have been reported that would seem
to apply, including those in USN-7876-1 and USN-7756-1.
Ubuntu Pro includes backported fixes for these issues, and the USN pages
for these issues direct me to download
`8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm4` -- which isn't available to
standard LTS users. Is there a plan/timeline for backporting the
relevant security fixes to LTS?
** Affects: imagemagick (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2137579
Title:
Security fix for USN-7876-1 not backported to 24.04 LTS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/2137579/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
