You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The BBB 1.0 install instructions say at http://docs.bigbluebutton.org/10install.html#imagemagick-security-issues that the version of ImageMagick for Ubuntu 14.04 is vulnerable to CVE-2016-3714 (https://imagetragick.com/). Mitigation appears to be ensuring that all of the specified lines like "<policy domain="coder" rights="none" pattern="EPHEMERAL" />" appear in the <policymap> section of /etc/ImageMagick/policy.xml. The bbb-install script does not do this yet.
The text was updated successfully, but these errors were encountered:
The BBB 1.0 install instructions say at http://docs.bigbluebutton.org/10install.html#imagemagick-security-issues that the version of ImageMagick for Ubuntu 14.04 is vulnerable to CVE-2016-3714 (https://imagetragick.com/). Mitigation appears to be ensuring that all of the specified lines like "<policy domain="coder" rights="none" pattern="EPHEMERAL" />" appear in the <policymap> section of /etc/ImageMagick/policy.xml. The bbb-install script does not do this yet.
The text was updated successfully, but these errors were encountered: