On Fri, Nov 15, 2019 at 10:29:37AM -0500, John wrote:
> Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
> version is subject to multiple buffer overflows (stack and heap) and
> several other vulnerabilities, allowing remote code execution if the user
> opens a LyX document in
Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
version is subject to multiple buffer overflows (stack and heap) and
several other vulnerabilities, allowing remote code execution if the user
opens a LyX document incorporating a specially-crafted image.
Solution: Upgrade to
