ALAS-2014-420

Amazon Linux 1 Security Advisory: ALAS-2014-420
Advisory Release Date: 2014-10-01 16:28 Pacific
Advisory Updated Date: 2014-10-01 18:51 Pacific

Severity: Medium

References: CVE-2014-1947
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A buffer overflow flaw affecting ImageMagick and GraphicsMagic when handling PSD images was reported.

Affected Packages:

GraphicsMagick

Issue Correction:
Run yum update GraphicsMagick to update your system.

New Packages:

i686:
    GraphicsMagick-debuginfo-1.3.20-3.5.amzn1.i686
    GraphicsMagick-1.3.20-3.5.amzn1.i686
    GraphicsMagick-devel-1.3.20-3.5.amzn1.i686
    GraphicsMagick-c++-1.3.20-3.5.amzn1.i686
    GraphicsMagick-c++-devel-1.3.20-3.5.amzn1.i686
    GraphicsMagick-perl-1.3.20-3.5.amzn1.i686

noarch:
    GraphicsMagick-doc-1.3.20-3.5.amzn1.noarch

src:
    GraphicsMagick-1.3.20-3.5.amzn1.src

x86_64:
    GraphicsMagick-devel-1.3.20-3.5.amzn1.x86_64
    GraphicsMagick-c++-1.3.20-3.5.amzn1.x86_64
    GraphicsMagick-1.3.20-3.5.amzn1.x86_64
    GraphicsMagick-c++-devel-1.3.20-3.5.amzn1.x86_64
    GraphicsMagick-perl-1.3.20-3.5.amzn1.x86_64
    GraphicsMagick-debuginfo-1.3.20-3.5.amzn1.x86_64

Additional References

Red Hat: CVE-2014-1947

Mitre: CVE-2014-1947