USN-4586-2: PHP ImageMagick vulnerability
24 January 2022
PHP ImageMagick could be made to crash if it received specially crafted input.
Releases
Packages
- php-imagick - PHP extension to create and modify images using the ImageMagick API
Details
USN-4586-1 fixed vulnerabilities in PHP ImageMagick. This update
provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that PHP ImageMagick extension didn't check the address used
by an array. An attacker could use this issue to cause PHP ImageMagick to
crash, resulting in a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
php-imagick
-
3.4.0~rc6-1ubuntu3+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.