USN-3681-1: ImageMagick vulnerabilities

12 June 2018

Several security issues were fixed in ImageMagick.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

imagemagick - Image manipulation programs and library

Details

It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or possibly execute code with the privileges of
the user invoking the program.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04

Ubuntu 17.10

Ubuntu 16.04

Ubuntu 14.04

In general, a standard system update will make all the necessary changes.

References

CVE-2017-1000445
CVE-2017-1000476
CVE-2017-10995
CVE-2017-11352
CVE-2017-11533
CVE-2017-11535
CVE-2017-11537
CVE-2017-11639
CVE-2017-11640
CVE-2017-12140
CVE-2017-12418
CVE-2017-12429
CVE-2017-12430
CVE-2017-12431
CVE-2017-12432
CVE-2017-12433
CVE-2017-12435
CVE-2017-12563
CVE-2017-12587
CVE-2017-12640
CVE-2017-12643
CVE-2017-12644
CVE-2017-12670
CVE-2017-12674
CVE-2017-12691
CVE-2017-12692
CVE-2017-12693
CVE-2017-12875
CVE-2017-12877
CVE-2017-12983
CVE-2017-13058
CVE-2017-13059
CVE-2017-13060
CVE-2017-13061
CVE-2017-13062
CVE-2017-13131
CVE-2017-13134
CVE-2017-13139
CVE-2017-13142
CVE-2017-13143
CVE-2017-13144
CVE-2017-13145
CVE-2017-13758
CVE-2017-13768
CVE-2017-13769
CVE-2017-14060
CVE-2017-14172
CVE-2017-14173
CVE-2017-14174
CVE-2017-14175
CVE-2017-14224
CVE-2017-14249
CVE-2017-14325
CVE-2017-14326
CVE-2017-14341
CVE-2017-14342
CVE-2017-14343
CVE-2017-14400
CVE-2017-14505
CVE-2017-14531
CVE-2017-14532
CVE-2017-14533
CVE-2017-14607
CVE-2017-14624
CVE-2017-14625
CVE-2017-14626
CVE-2017-14682
CVE-2017-14684
CVE-2017-14739
CVE-2017-14741
CVE-2017-14989
CVE-2017-15015
CVE-2017-15016
CVE-2017-15017
CVE-2017-15032
CVE-2017-15033
CVE-2017-15217
CVE-2017-15218
CVE-2017-15277
CVE-2017-15281
CVE-2017-16546
CVE-2017-17499
CVE-2017-17504
CVE-2017-17680
CVE-2017-17681
CVE-2017-17682
CVE-2017-17879
CVE-2017-17881
CVE-2017-17882
CVE-2017-17884
CVE-2017-17885
CVE-2017-17886
CVE-2017-17887
CVE-2017-17914
CVE-2017-17934
CVE-2017-18008
CVE-2017-18022
CVE-2017-18027
CVE-2017-18028
CVE-2017-18029
CVE-2017-18209
CVE-2017-18211
CVE-2017-18251
CVE-2017-18252
CVE-2017-18254
CVE-2017-18271
CVE-2017-18273
CVE-2018-10177
CVE-2018-10804
CVE-2018-10805
CVE-2018-11251
CVE-2018-11625
CVE-2018-11655
CVE-2018-11656
CVE-2018-5246
CVE-2018-5247
CVE-2018-5248
CVE-2018-5357
CVE-2018-5358
CVE-2018-6405
CVE-2018-7443
CVE-2018-8804
CVE-2018-8960
CVE-2018-9133

Related notices

USN-3363-1: libmagickcore-6-arch-config, libmagick++-dev, libmagickcore-6.q16-dev, libmagickwand5, imagemagick-doc, libmagickwand-6.q16-2, libmagickwand-6-headers, imagemagick-common, imagemagick, libmagickcore-6-headers, libmagick++5, libmagickwand-6.q16-dev, libmagick++-6-headers, libmagick++-6.q16-5v5, libimage-magick-q16-perl, libmagickcore-dev, libimage-magick-perl, libmagickwand-dev, imagemagick-6.q16, libmagickcore-6.q16-2-extra, libmagick++-6.q16-dev, libmagickcore5, libmagickcore5-extra, libmagickcore-6.q16-3, perlmagick, libmagick++-6.q16-7, libmagickcore-6.q16-2
USN-4222-1: graphicsmagick-imagemagick-compat, libgraphicsmagick++1-dev, graphicsmagick, libgraphics-magick-perl, libgraphicsmagick1-dev, libgraphicsmagick-q16-3, libgraphicsmagick++-q16-12, graphicsmagick-libmagick-dev-compat
USN-5335-1: libmagickcore-6-arch-config, libmagick++-dev, libmagickcore-6.q16-dev, imagemagick-doc, libmagickwand-6.q16-2, libmagickwand-6-headers, imagemagick-common, imagemagick, libmagickcore-6-headers, libmagickwand-6.q16-dev, libmagick++-6-headers, libmagick++-6.q16-5v5, libimage-magick-q16-perl, libmagickcore-dev, libimage-magick-perl, libmagickwand-dev, imagemagick-6.q16, libmagickcore-6.q16-2-extra, libmagick++-6.q16-dev, perlmagick, libmagickcore-6.q16-2
USN-4232-1: graphicsmagick-imagemagick-compat, libgraphicsmagick++1-dev, graphicsmagick, libgraphics-magick-perl, libgraphicsmagick1-dev, libgraphicsmagick-q16-3, libgraphicsmagick++-q16-12, graphicsmagick-libmagick-dev-compat

Join the discussion

Need help with your security needs?

Ubuntu Pro provides up to ten-year security coverage for over 23,000 open-source packages within the Ubuntu Main and Universe repositories.

Talk to an expert to find out what would work best for you

Security

USN-3681-1: ImageMagick vulnerabilities

Reduce your security exposure

Releases

Packages

Details

Reduce your security exposure

Update instructions

Ubuntu 18.04

Ubuntu 17.10

Ubuntu 16.04

Ubuntu 14.04

References

Related notices

Join the discussion

Need help with your security needs?

Further reading