[Bug 1797647] Re: imagemagick policy.xml typo for EPS files in bionic security update (8:6.9.7.4+dfsg-16ubuntu6.4)
Launchpad Bug Tracker
1797647 at bugs.launchpad.net
Tue Jun 25 11:21:16 UTC 2019
This bug was fixed in the package imagemagick - 8:6.9.7.4+dfsg-
16ubuntu6.7
---------------
imagemagick (8:6.9.7.4+dfsg-16ubuntu6.7) bionic-security; urgency=medium
[ Steve Beattie ]
* SECURITY UPDATE: previous update did not correctly block
encapsulated postscript (EPS) documents by default (LP: #1797647)
- debian/patches/200-disable-ghostscript-formats.patch: correctly
disable EPS files by default in policy.xml
[ Marc Deslauriers ]
* SECURITY UPDATE: multiple security issues
- debian/patches/CVE-*.patch: backport multiple upstream commits.
- CVE-2017-12805, CVE-2017-12806, CVE-2018-16412, CVE-2018-16413,
CVE-2018-17965, CVE-2018-17966, CVE-2018-18016, CVE-2018-18024,
CVE-2018-18025, CVE-2018-18544, CVE-2018-20467, CVE-2019-7175,
CVE-2019-7395, CVE-2019-7396, CVE-2019-7397, CVE-2019-7398,
CVE-2019-9956, CVE-2019-10131, CVE-2019-10650, CVE-2019-11470,
CVE-2019-11472, CVE-2019-11597, CVE-2019-11598
* debian/tests/rose-*: remove pdf tests.
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Thu, 20 Jun 2019
13:38:05 -0400
** Changed in: imagemagick (Ubuntu)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12805
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12806
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16412
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16413
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17965
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17966
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18016
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18024
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18025
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18544
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20467
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-10131
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-10650
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11470
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11472
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11597
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11598
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7175
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7395
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7396
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7397
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7398
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9956
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to imagemagick in Ubuntu.
https://bugs.launchpad.net/bugs/1797647
Title:
imagemagick policy.xml typo for EPS files in bionic security update
(8:6.9.7.4+dfsg-16ubuntu6.4)
Status in imagemagick package in Ubuntu:
Fix Released
Bug description:
The update for imagemagick in bionic (8:6.9.7.4+dfsg-16ubuntu6.4)
covered by https://usn.ubuntu.com/3785-1/ did not correctly block
encapsulated postscript (EPS) file types.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1797647/+subscriptions
More information about the foundations-bugs
mailing list