Date: Thu, 19 May 2016 17:18:36 +0000 From: Jeremy Stanley <fungi@...goth.org> To: oss-security@...ts.openwall.com Subject: Re: ImageMagick Is On Fire -- CVE-2016-3714 On 2016-05-19 12:07:16 -0500 (-0500), Bob Friesenhahn wrote: > I find it very disturbing that there seems to be very little > response from popular OS distributions to this issue. Most do not > appear to have issued any package updates to close the shell > exploit. [...] > As an example Ubuntu 14.04.4 LTS (which is supposed to be getting > security updates) has not provided ImageMagick or GraphicsMagick > package updates in 3 years. [...] Seems to be in progress? https://launchpad.net/bugs/1578398 -- Jeremy Stanley
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ