USN-3131-1 ImageMagick vulnerabilities


Severity

Medium

References
Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Vulnerable cflinuxfs2 versions listed here.
  • PCF Elastic Runtime:
    • 1.6.x versions prior to 1.6.58
    • 1.7.x versions prior to 1.7.39
    • 1.8.x versions prior to 1.8.20
Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry team recommends upgrading to cflinuxfs2 versions listed here.
  • Upgrade Pivotal products using older cflinuxfs2 versions to new versions mentioned above. On the Pivotal Network product page for each release, check the Depends On section and/or Release Notes for this information.
  • Upgrade PCF Elastic Runtime:
    • Upgrade all lower versions of 1.6.x to 1.6.58
    • Upgrade all lower versions of 1.7.x to 1.7.39
    • Upgrade all lower versions of 1.8.x to 1.8.20