ASA-202006-14 log generated external raw

[ASA-202006-14] imagemagick: information disclosure
Arch Linux Security Advisory ASA-202006-14 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-13902 Package : imagemagick Type : information disclosure Remote : Yes Link : Summary ======= The package imagemagick before version is vulnerable to information disclosure. Resolution ========== Upgrade to # pacman -Syu "imagemagick>=" The problem has been fixed upstream in version Workaround ========== None. Description =========== An out-of-bounds read has been found in the TIFF image decoding part of imagemagick <= 7.0.10-17, in BlobToStringInfo in MagickCore/string.c. Impact ====== A remote attacker might be able to access sensitive information or crash the application via a crafted TIFF file. References ==========