Page 1 of 1

ImageMagick Vulnerability Handled?

Posted: 2019-07-28T22:07:51-07:00
by sathishsbcmca10
Hi all
Can i know whether the latest version of ImageMagick-7.0.8-57-Q16-x64-dll.exe handled all the latest vulnerabilities to load the files safely ?

If it is handled,may i know the standards followed to handle the vulnerabilities?

Your response is much appreciated.. :)

Thanks in Advance..

Re: ImageMagick Vulnerability Handled?

Posted: 2019-07-28T22:37:39-07:00
by fmw42
Your question is way too broad! What vulnerabilities specifically have you concerned.

Have you looked at the policy.xml file and set those to restrict anything that concerns you? The policy.xml file is there for you to avoid any vulnerabilities. It is typically set very strict. See https://imagemagick.org/script/resources.php

Re: ImageMagick Vulnerability Handled?

Posted: 2019-07-29T03:55:58-07:00
by magick
We receive vulnerability reports from the Bugs forum, Git issues, and OSS-fuzz which continuously tries to trigger potential vulnerabilities and we actively repair any vulnerabilities we confirm. In addition, we release often to ensure the user community has access to the latest security patches. Finally, ImageMagick best practices strongly encourages you to configure a security policy that suits your local environment.
See https://imagemagick.org/script/security-policy.php.