Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 May 2016 17:18:36 +0000
From: Jeremy Stanley <fungi@...goth.org>
To: oss-security@...ts.openwall.com
Subject: Re: ImageMagick Is On Fire -- CVE-2016-3714

On 2016-05-19 12:07:16 -0500 (-0500), Bob Friesenhahn wrote:
> I find it very disturbing that there seems to be very little
> response from popular OS distributions to this issue. Most do not
> appear to have issued any package updates to close the shell
> exploit.
[...]
> As an example Ubuntu 14.04.4 LTS (which is supposed to be getting
> security updates) has not provided ImageMagick or GraphicsMagick
> package updates in 3 years.
[...]

Seems to be in progress? https://launchpad.net/bugs/1578398
-- 
Jeremy Stanley

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ