FAQ   Search   Memberlist  
Profile    Log in to check your private messages    Register    Log in
[SECURITY] 30k Update 2005-03-30: ImageMagick-

Post new topic   Reply to topic    BLAG Forum Index -> announcements
View previous topic :: View next topic  
Author Message
PostPosted: Thu Mar 31, 2005 6:10 am    Post subject: [SECURITY] 30k Update 2005-03-30: ImageMagick- Reply with quote

Fedora Update Notification

Product : Fedora Core 3
Name : ImageMagick
Version :
Release : 2.fc3
Summary : An X application for displaying and manipulating images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.

ImageMagick is one of your choices if you need a program to manipulate
and dis play images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.

Update Information:

Andrei Nigmatulin discovered a heap based buffer overflow flaw in the
ImageMagick image handler. An attacker could create a carefully crafted
Photoshop Document (PSD) image in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0005 to this issue.

A format string bug was found in the way ImageMagick handles filenames.
An attacker could execute arbitrary code in a victims machine if they
are able to trick the victim into opening a file with a specially
crafted name. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0397 to this issue.

* Wed Mar 16 2005 -

- Update to 6.2.0 to fix a number of security issues:
- Drop a lot of upstreamed patches

This update can be downloaded from:

dbbd0c32799bc32658214273037f1942 SRPMS/ImageMagick-
39ecc49bcdfda64dd2cfaac13b332f42 x86_64/ImageMagick-
908f8c2f25568cf2340db0a6ae7c5b57 x86_64/ImageMagick-devel-
7f5112e7f05c9d4a448f5edeb42b153c x86_64/ImageMagick-perl-
039af81133349c933d0de1e1f61f3ba1 x86_64/ImageMagick-c++-
455c2286d9f1ed1e778a5c5e905053cb x86_64/ImageMagick-c++-devel-
fe8a3812e6c3fbc8f5016e6eb1d2271a x86_64/debug/ImageMagick-debuginfo-
1f8387ff55eee8116b53309fc93e28db x86_64/ImageMagick-
214aee8a27780dee6e5c4a5b8b58ec0e x86_64/ImageMagick-c++-
1f8387ff55eee8116b53309fc93e28db i386/ImageMagick-
a97fb99dfbcddc4391a351a51d544f14 i386/ImageMagick-devel-
12ceecfa8d7fd51e9e7a0eaf92c2abcf i386/ImageMagick-perl-
214aee8a27780dee6e5c4a5b8b58ec0e i386/ImageMagick-c++-
1ed8f7ca926e4fd31500f7ee8f767e72 i386/ImageMagick-c++-devel-
1f8756e8c6b5405dad07396eb34bf064 i386/debug/ImageMagick-debuginfo-

Display posts from previous:   
Post new topic   Reply to topic    BLAG Forum Index -> announcements
Page 1 of 1

Protected by Anti-Spam ACP