https://imagetragick.com/

As CentOS is often used for web servers, I thought this should be posted here.

Bug in ImageMagick allows remote exploit.

AFAIK no patch exists yet but defense against the exploit is detailed at the link.

CVE-2016-3714

Direct links

https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588#p132726
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3714

Mitigation:

As a workaround the /etc/ImageMagick/policy.xml file can be edited to disable processing of MVG, HTTPS, EPHEMERAL and MSL commands within image files, simply add the following lines:

<policy domain="coder" rights="none" pattern="EPHEMERAL" />
<policy domain="coder" rights="none" pattern="HTTPS" />
<policy domain="coder" rights="none" pattern="MVG" />
<policy domain="coder" rights="none" pattern="MSL" />

within the policy map stanza:

<policymap>
...
</policymap>

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
> From: "Alice Wonder" <alice at domblogger.net>
> To: "CentOS mailing list" <centos at centos.org>
> Sent: Tuesday, 3 May, 2016 22:29:19
> Subject: [CentOS] ImageMagick security alert

> https://imagetragick.com/
>
> As CentOS is often used for web servers, I thought this should be posted
> here.
>
> Bug in ImageMagick allows remote exploit.
>
> AFAIK no patch exists yet but defense against the exploit is detailed at
> the link.
>
> CVE-2016-3714

On Wed, 4 May 2016, Nux! wrote:

> Direct links
>
> https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588#p132726
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3714
>
> Mitigation:
>
> As a workaround the /etc/ImageMagick/policy.xml file can be edited to disable
> processing of MVG, HTTPS, EPHEMERAL and MSL commands within image files, simply
> add the following lines:
> <policy domain="coder" rights="none" pattern="EPHEMERAL" />
> <policy domain="coder" rights="none" pattern="HTTPS" />
> <policy domain="coder" rights="none" pattern="MVG" />
> <policy domain="coder" rights="none" pattern="MSL" />
>
> within the policy map stanza:
>
> <policymap>
> ...
> </policymap>

This has been extended to:

<policy domain="coder" rights="none" pattern="EPHEMERAL" />
<policy domain="coder" rights="none" pattern="HTTPS" />
<policy domain="coder" rights="none" pattern="HTTP" />
<policy domain="coder" rights="none" pattern="URL" />
<policy domain="coder" rights="none" pattern="FTP" />
<policy domain="coder" rights="none" pattern="MVG" />
<policy domain="coder" rights="none" pattern="MSL" />

Policy support not in EL5 AFAIK.

jh
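
Added example, not part of the thread or of ImageMagick: a Python check that a policy.xml denies every coder in the extended list above, so a host still carrying only the first four-line workaround is flagged. The helper names and sample policies are constructed here, and the matching rule (plain glob, blocked only when every matching rule has rights="none") is a conservative assumption rather than ImageMagick's exact evaluation logic.

```python
import fnmatch
import sys
import xml.etree.ElementTree as ET

# Coders from the extended mitigation list quoted in the thread.
REQUIRED = ["EPHEMERAL", "HTTPS", "HTTP", "URL", "FTP", "MVG", "MSL"]

def policy(*coders, extra=""):
    """Build a constructed sample policy.xml denying the given coders."""
    rows = "".join(
        f'  <policy domain="coder" rights="none" pattern="{c}" />\n' for c in coders)
    return f"<policymap>\n{rows}{extra}</policymap>\n"

# Constructed samples: the first workaround (plus a commented-out rule,
# which must not count) and the extended list.
ORIGINAL_POLICY = policy(
    "EPHEMERAL", "HTTPS", "MVG", "MSL",
    extra='  <!-- <policy domain="coder" rights="none" pattern="URL" /> -->\n')
EXTENDED_POLICY = policy(*REQUIRED)

def unblocked_coders(policy_xml, required=REQUIRED):
    """Return the coders in `required` that the policy text does not deny."""
    root = ET.fromstring(policy_xml)
    if root.tag != "policymap":
        raise ValueError("root element is not <policymap>")
    rules = [(p.get("pattern", ""), p.get("rights", "").strip().lower())
             for p in root.iter("policy")
             if p.get("domain", "").lower() == "coder"]
    missing = []
    for coder in required:
        # Assumption: plain glob matching; a coder counts as blocked only if
        # every rule matching it says rights="none" (conservative on purpose).
        rights = [r for pat, r in rules if fnmatch.fnmatchcase(coder, pat)]
        if not rights or any(r != "none" for r in rights):
            missing.append(coder)
    return missing

if __name__ == "__main__":
    if len(sys.argv) > 1:          # e.g. /etc/ImageMagick/policy.xml
        with open(sys.argv[1], "rb") as fh:
            text = fh.read()
    else:
        text = ORIGINAL_POLICY
    missing = unblocked_coders(text)
    print("not blocked:", ", ".join(missing) if missing else "none")
    sys.exit(1 if missing else 0)
```

Run it with the path to the policy file as its only argument; a non-zero exit status means at least one coder from the list is still permitted.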