[ale] Imagemagick exploit
Somebody panicked?
Posting about something is not the same as panicking about it. I'm pretty sure neither Boris nor I wrote anything like "lock up your wives and daughters while you drop everything to work on ImageMagick".
Discussions about a FOSS utility used by many on Linux seem more relevant to this list than the discussions of where to get vacuum tubes that appear occasionally.
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Boris Borisov
Sent: Thursday, May 05, 2016 10:14 AM
To: jimkinney at gmail.com; Atlanta Linux Enthusiasts
Subject: Re: [ale] Imagemagick exploit
I'm not a pro in web, but I think a lot of web sites rely on ImageMagick tools to resize/convert files.
On May 5, 2016 10:10 AM, "Jim Kinney" <jim.kinney at gmail.com> wrote:
Yea. Using it as a thumbnail creator for a public web application is a threat vector that needs the patching.
Using it on the desktop to modify/mangle images from the command line is not a cause for panic.
On May 5, 2016 10:04 AM, "DJ-Pfulio" <DJPfulio at jdpfu.com> wrote:
Not worried at all.
I don't run any services that allow unknown uploaded files to be run
through ImageMagick.
I use ImageMagick a few times a week.
Before going crazy about this stuff ... look at the required attack vector.
On 05/05/16 09:46, Lightner, Jeff wrote:
> Not on RHEL5. You'd have to do "yum" rather than "dnf".
>
> Completely wiping your hard drive would also probably work but seems a bit extreme. :p
>
> One assumes the reason you're doing mitigation is because you have a reason to use ImageMagick (and an OS).
>
>
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Pete Hardie
> Sent: Thursday, May 05, 2016 9:36 AM
> To: Atlanta Linux Enthusiasts
> Subject: Re: [ale] Imagemagick exploit
>
>
> sudo dnf remove ImageMagick probably works.....
>
> On Thu, May 5, 2016 at 9:21 AM, Lightner, Jeff <JLightner at dsservices.com> wrote:
> Looking this morning I see both the ImageMagick and the RedHat links have been updated with suggested mitigations for RHEL5. I haven't tried them yet.
>
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo