ImageMagick-6.7.8.9-13.el7
エラータID: AXSA:2016-233:02
ImageMagick is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.
ImageMagick is one of your choices if you need a program to manipulate
and display images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.
Security issues fixed with this release:
CVE-2016-3714
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW,
(7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x
before 7.0.1-1 allow remote attackers to execute arbitrary code via
shell metacharacters in a crafted image, aka "ImageTragick."
CVE-2016-3715
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before
7.0.1-1 allows remote attackers to delete arbitrary files via a
crafted image.
CVE-2016-3716
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1
allows remote attackers to move arbitrary files via a crafted image.
CVE-2016-3717
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1
allows remote attackers to read arbitrary files via a crafted image.
CVE-2016-3718
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x
before 7.0.1-1 allow remote attackers to conduct server-side request
forgery (SSRF) attacks via a crafted image.
Update packages.
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
N/A
SRPMS
- ImageMagick-6.7.8.9-13.el7.src.rpm
MD5: da42d9cd0f542effd4480d64a0922498
SHA-256: 15c6e91f89cd594b86646b508dd8611c21c91e20ab90859eaf4d45fae6f78106
Size: 7.51 MB
Asianux Server 7 for x86_64
- ImageMagick-6.7.8.9-13.el7.x86_64.rpm
MD5: f03b444da731d68fa53667d605f66079
SHA-256: fcd6172a1193796a78d5cb3095fcf38f1e4257b1ef6130683523b91d8b6a8c8f
Size: 2.12 MB - ImageMagick-c++-6.7.8.9-13.el7.x86_64.rpm
MD5: fa28205483c7d086b665f23603718da8
SHA-256: 45fb2761800281e9b3e158b54f765b76aa5a37ca4b7b572974d031de9cfcdace
Size: 144.41 kB - ImageMagick-perl-6.7.8.9-13.el7.x86_64.rpm
MD5: 58d360150590394536a16d48ec83dc0c
SHA-256: 46ba817dd12a07fc8ae02f2d52ec38c790212f3879d94d9ccbe6b8d05dc90dce
Size: 146.39 kB - ImageMagick-6.7.8.9-13.el7.i686.rpm
MD5: e120c232e8f70433164b137a0cca5f24
SHA-256: 8954c064efe23b84f661f740b22995799e8a938ae428972ea624da045b7a66f8
Size: 2.05 MB - ImageMagick-c++-6.7.8.9-13.el7.i686.rpm
MD5: ff63b3e268bd4558b382ae7e2ed89dc9
SHA-256: df18448236ae47b1911bff234851235c3e2dc30d8ac2bfe11c042dc77e4a620b
Size: 151.34 kB