Because ImageMagick is used to process images it is feasibly possible for hackers to create images that contain invalid data to attempt to exploit these bugs. Because of this we recommend the following:
Do not run Imagick in a server that is directly accessible from outside your network. It is better to either use it as a background task using something like SupervisorD or to run it in a separate server that is not directly accessible on the internet.
If I read this correctly, the recommendations would be enough for the short term, but I think this solution from @LukasReschke is also to make the overall system less prone to these sorts of problems in the long run.
Transferred from an older security tracker ticket to make it public. Ref https://github.com/owncloud/security-tracker/issues/156
Industry standard, pointed out already at https://github.com/owncloud/security-tracker/issues/85 in the general considerations.
This is even advised upstream, see: https://github.com/mkoppanen/imagick/tree/131c1238140aacb82883d8808cc33402dd1b70a3#security: