Legacy ImageMagick Discussions Archive

Use https://github.com/ImageMagick/ImageMagick/discussions instead.
http://www.imagemagick.org/discourse-server/

Remote code execution vulnerability in libmagickwand?

http://www.imagemagick.org/discourse-server/viewtopic.php?t=29718

Page 1 of 1

Remote code execution vulnerability in libmagickwand?

Posted: 2016-05-18T07:54:15-07:00
by chomas
Sorry if this question has already been answered somewhere but my searches have come up empty. We package VIPS with libmagickwand-dev Depends: libmagickwand5 (= 8:6.7.7.10-6ubuntu3), libmagickcore5-extra (= 8:6.7.7.10-6ubuntu3), libmagickcore-dev (= 8:6.7.7.10-6ubuntu3). Could the https://imagetragick.com vulnerability be exposed?

Re: Remote code execution vulnerability in libmagickwand?

Posted: 2016-05-18T07:58:05-07:00
by magick
See https://www.imagemagick.org/discourse-s ... =4&t=29588. Add the suggested policies and you should be safe.
All times are UTC-07:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited