ALAS2023-2023-121

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. (CVE-2022-44267)

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). (CVE-2022-44268)

aarch64:
    ImageMagick-perl-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-c++-devel-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-c++-debuginfo-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-perl-debuginfo-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-c++-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-debuginfo-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-debugsource-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-devel-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-doc-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-libs-debuginfo-6.9.12.77-1.amzn2023.0.1.aarch64
    ImageMagick-libs-6.9.12.77-1.amzn2023.0.1.aarch64

src:
    ImageMagick-6.9.12.77-1.amzn2023.0.1.src

x86_64:
    ImageMagick-c++-devel-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-perl-debuginfo-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-c++-debuginfo-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-perl-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-debugsource-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-doc-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-c++-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-debuginfo-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-devel-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-libs-debuginfo-6.9.12.77-1.amzn2023.0.1.x86_64
    ImageMagick-libs-6.9.12.77-1.amzn2023.0.1.x86_64