[ale] Imagemagick exploit
DJ-Pfulio
DJPfulio at jdpfu.com
Thu May 5 10:01:37 EDT 2016
Not worried at all.
I don't run any services that allow unknown uploaded files to be run
through ImageMagick.
I use ImageMagick a few times a week.
Before going crazy about this stuff ... look at the required attack vector.
On 05/05/16 09:46, Lightner, Jeff wrote:
> Not on RHEL5. You’d have to do “yum” rather than “dnf”.
>
> Completely wiping your hard drive would also probably work but seems a bit extreme. :p
>
> One assumes the reason you’re doing mitigation is because you have a reason to use ImageMagick (and an OS).
>
>
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Pete Hardie
> Sent: Thursday, May 05, 2016 9:36 AM
> To: Atlanta Linux Enthusiasts
> Subject: Re: [ale] Imagemagick exploit
>
>
> sudo dnf remove ImageMagick probably works.....
>
> On Thu, May 5, 2016 at 9:21 AM, Lightner, Jeff <JLightner at dsservices.com<mailto:JLightner at dsservices.com>> wrote:
> Looking this morning I see both the ImageMagick and the RedHat links have been updated with suggested mitigations for RHEL5. I haven’t tried them yet.
>
More information about the Ale
mailing list