USN-5534-1: ImageMagick vulnerabilities
26 July 2022
Several security issues were fixed in ImageMagick.
Releases
Packages
- imagemagick - Image manipulation programs and library
Details
It was discovered that ImageMagick incorrectly handled certain values.
If a user were tricked into processing a specially crafted image file,
an attacker could possibly exploit this issue to cause a denial of service
or other unspecified impact. (CVE-2022-32545, CVE-2022-32546)
It was discovered that ImageMagick incorrectly handled memory under
certain circumstances. If a user were tricked into processing a specially
crafted image file, an attacker could possibly exploit this issue to cause
a denial of service or other unspecified impact. (CVE-2022-32547)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
imagemagick
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
libimage-magick-q16-perl
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
imagemagick-6.q16
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
libmagick++-6.q16-5v5
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
libmagickcore-6.q16-2-extra
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
libmagickcore-6-headers
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
libmagickwand-6.q16-2
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
-
libmagickcore-6.q16-2
-
8:6.8.9.9-7ubuntu5.16+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.