UbuntuUpdates.org

Package "libmagickwand-6-headers"

Name: libmagickwand-6-headers

Description:

image manipulation library - headers files

Latest version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3
Release: jammy (22.04)
Level: security
Repository: universe
Head package: imagemagick
Homepage: https://www.imagemagick.org/

Links


Download "libmagickwand-6-headers"


Other versions of "libmagickwand-6-headers" in Jammy

Repository Area Version
base universe 8:6.9.11.60+dfsg-1.3build2
updates universe 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3

Changelog

Version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3 2023-03-31 14:06:56 UTC

  imagemagick (8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3) jammy-security; urgency=medium

  * SECURITY REGRESSION: Revert additional mitigation.
    - debian/patches/CVE-2022-44267_44268-3.patch: Remove bad mitigation via
      a policy file.

 -- Paulo Flabiano Smorigo <email address hidden> Thu, 30 Mar 2023 12:45:39 -0300

Source diff to previous version
CVE-2022-44267 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for

Version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.2 2023-03-20 19:06:57 UTC

  imagemagick (8:6.9.11.60+dfsg-1.3ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Additional fix from previous release
    - debian/patches/CVE-2022-44267_44268-1.patch: Renamed from
      debian/patches/CVE-2022-44267.patch.
    - debian/patches/CVE-2022-44267_44268-2.patch: Renamed from
      debian/patches/CVE-2022-44268.patch.
    - debian/patches/CVE-2022-44267_44268-3.patch: Additional mitigation.
    - CVE-2022-44267
    - CVE-2022-44268

 -- Paulo Flabiano Smorigo <email address hidden> Wed, 15 Mar 2023 12:31:28 -0300

Source diff to previous version
CVE-2022-44267 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for
CVE-2022-44268 ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded

Version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1 2023-02-28 22:06:50 UTC

  imagemagick (8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2022-44267.patch: possible DoS @ stdin (OCE-
      2022-70); possible arbitrary file leak (OCE-2022-72) (LP: #2004580)
    - CVE-2022-44267
  * SECURITY UPDATE: Information Disclosure
    - debian/patches/CVE-2022-44268.patch: move -set profile handler to CLI
    - CVE-2022-44268

 -- Paulo Flabiano Smorigo <email address hidden> Fri, 24 Feb 2023 11:40:25 -0300

2004580 Possible arbitrary file leak
CVE-2022-44267 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for
CVE-2022-44268 ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded



About   -   Send Feedback to @ubuntu_updates