USN-5855-3: ImageMagick regression

Read Time:25 Second

USN-5855-2 fixed vulnerabilities in ImageMagick. Unfortunately an additional
mitigation caused a regression. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ImageMagick incorrectly handled certain PNG images.
If a user or automated system were tricked into opening a specially crafted
PNG file, an attacker could use this issue to cause ImageMagick to stop
responding, resulting in a denial of service, or possibly obtain the
contents of arbitrary files by including them into images.

Read More