UbuntuUpdates.org

Package "libmagick++-6.q16-dev"

Name: libmagick++-6.q16-dev

Description:

C++ interface to ImageMagick - development files (Q16)
Latest version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: imagemagick
Homepage: https://www.imagemagick.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libmagick++-6.q16-dev"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libmagick++-6.q16-dev" in Jammy

Repository Area Version
base universe 8:6.9.11.60+dfsg-1.3build2
security universe 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3

Changelog

Version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3 2023-03-31 16:06:55 UTC

  imagemagick (8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3) jammy-security; urgency=medium

  * SECURITY REGRESSION: Revert additional mitigation.
    - debian/patches/CVE-2022-44267_44268-3.patch: Remove bad mitigation via
      a policy file.

 -- Paulo Flabiano Smorigo <email address hidden> Thu, 30 Mar 2023 12:45:39 -0300
Source diff to previous version
CVE-2022-44267 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for

Version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.2 2023-03-20 21:06:55 UTC

  imagemagick (8:6.9.11.60+dfsg-1.3ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Additional fix from previous release
    - debian/patches/CVE-2022-44267_44268-1.patch: Renamed from
      debian/patches/CVE-2022-44267.patch.
    - debian/patches/CVE-2022-44267_44268-2.patch: Renamed from
      debian/patches/CVE-2022-44268.patch.
    - debian/patches/CVE-2022-44267_44268-3.patch: Additional mitigation.
    - CVE-2022-44267
    - CVE-2022-44268

 -- Paulo Flabiano Smorigo <email address hidden> Wed, 15 Mar 2023 12:31:28 -0300
Source diff to previous version
CVE-2022-44267 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for
CVE-2022-44268 ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded

Version: 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1 2023-02-28 23:06:51 UTC

  imagemagick (8:6.9.11.60+dfsg-1.3ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2022-44267.patch: possible DoS @ stdin (OCE-
      2022-70); possible arbitrary file leak (OCE-2022-72) (LP: #2004580)
    - CVE-2022-44267
  * SECURITY UPDATE: Information Disclosure
    - debian/patches/CVE-2022-44268.patch: move -set profile handler to CLI
    - CVE-2022-44268

 -- Paulo Flabiano Smorigo <email address hidden> Fri, 24 Feb 2023 11:40:25 -0300
2004580 Possible arbitrary file leak
CVE-2022-44267 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for
CVE-2022-44268 ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded


About   -   Send Feedback to @ubuntu_updates