/ Vulnerability in GraphicsMagick & ImageMagick

Date:

Last night a vulnerability was discovered in GraphicsMagick and ImageMagick, commonly used software packages for image processing. Under certain circumstances, this bug enables attackers to remotely execute code on the underlying server. We patched our systems immediately after this discovery.

Given the severity and nature of these remote exploits, we strongly advise users of GraphicsMagick or ImageMagick to take immediate action. You can do so by disabling this software, or by taking other mitigating measures. Please note, disabling this software can cause some features on your website or application to no longer work correctly.

Of course we will keep you informed about further developments.

Update: New security patches available

Security patches have been released by several Linux distributions. Below you can read how the different Linux distributions can be patched.

Debian / Ubuntu

   sudo apt-get update && sudo apt-get upgrade

Gentoo

  emerge --sync

  emerge --update imagemagick graphicsmagick