[ale] Imagemagick exploit

DJ-Pfulio DJPfulio at jdpfu.com
Thu May 5 10:01:37 EDT 2016


Not worried at all.
I don't run any services that allow unknown uploaded files to be run
through ImageMagick.

I use ImageMagick a few times a week.

Before going crazy about this stuff ... look at the required attack vector.

On 05/05/16 09:46, Lightner, Jeff wrote:
> Not on RHEL5.  You’d have to do “yum” rather than “dnf”.
> 
> Completely wiping your hard drive would also probably work but seems a bit extreme.  :p
> 
> One assumes the reason you’re doing mitigation is because you have a reason to use ImageMagick (and an OS).
> 
> 
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Pete Hardie
> Sent: Thursday, May 05, 2016 9:36 AM
> To: Atlanta Linux Enthusiasts
> Subject: Re: [ale] Imagemagick exploit
> 
> 
> sudo dnf remove ImageMagick probably works.....
> 
> On Thu, May 5, 2016 at 9:21 AM, Lightner, Jeff <JLightner at dsservices.com<mailto:JLightner at dsservices.com>> wrote:
> Looking this morning I see both the ImageMagick and the RedHat links have been updated with suggested mitigations for RHEL5.   I haven’t tried them yet.
> 



More information about the Ale mailing list