Hello Yanan,
According to the bug report for that ImageMagick security issue, it looks
like this issue has been fixed
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3714
On the page above, I see a notice that says it only affected "ImageMagick
before 6.9.3-10 and 7.x before 7.0.1-1"
S
Kia ora,
At Lincoln University (NZ), we are planning to install ImageMagick
Thumbnails for our dspace instance. We are currently on Dspace v5.6. If we
install the latest version of ImageMagick ie.,
ImageMagick-7.0.7-22-Q16-x64 https://www.imagemagick.org/script/download.php,
does anyone know i
Hi,
This vulnerability appears in ImageMagick and doesn't actually appear
anywhere in the DSpace code itself. However, if you are using the
ImageMagick Thumbnails, then you would be affected by these
vulnerabilities. This is because you will have had to install
ImageMagick on your server in o
Thanks for the announcement of this vulnerability, Tim.
I found the plugin addition in dspace.cfg
under plugin.named.org.dspace.app.mediafilter.FormatFilter = ...
org.dspace.app.mediafilter.ImageMagickImageThumbnailFilter = ImageMagick
Image Thumbnail, \
org.dspace.app.mediafilter.ImageMagi
I tried to report this vulnerability to this group on 4 May 2016, but
struggled to join until I realized today that I needed a Google Account and
could sign up with a non-Gmail address...
Anyway, at this point, you might want to take a look at your operating
system's updates. OpenSUSE 13.2 has