Advertisement

Latest News

[ Windows | Linux | Apple ]

· CompatDB Updates 05/22/13
· Removing and Wiping Drivers Guide and more
· Windows Server 2012 Essentials SDK Installer 1.1
· Xbox One hardware and specs: 8-core CPU, 8GB RAM, 500GB hard drive and more
· Tim Cook: US-made Macs will be assembled in Texas
· Microsoft software satisfaction slumps
· Photos of Likely 802.11ac 'Gigabit Wi-Fi' Card From Next-Generation iMac Surface
· Mageia 3 released
· Understanding Email Bounce Messages and more
· How to Prepare for Windows 8 Even Though Its Not Coming to Enterprises

Upcoming News

· PQI Air Drive External Wireless Storage Device Product and Video Review
· PoINT Storage Manager 4.0 now available
· [CentOS-announce] CEEA-2013:0852 CentOS 5 rgmanager Update
· i-Mego Throne Gold Over Ear Headphones Review @ TestFreaks
· Xbox One: Entertainment Hub First, Gaming Console Second -- But Could It Disrupt TV?
· Star Wars: The Old Republic Gaming Mouse Review @ Madshrimps
· Samsung SSD 840 comparison @ Hardwareoverclock.com
· Leawo Total Media Converter Ultimate @ Benchmark Reviews
· Icy Dock FlexCage MB975SP-B 5x3.5" in 3x5.25" HDD Cage Review @ Hi Tech Legion
· Gigabyte Shows Off Upcoming Intel Z87 Motherboards @ Legit Reviews

Linux Compatibility

· Dell Dimension 9100
· CL-CAM50001 UPC=3700284609322
· DFE 520 TX
· nVidia GeForce4 MX 440
· Gore: Ultimate Soldier
· SMC2802W V2 wi-fi 54Mbps PCI card
· Wireless modem router N300
· Dell P780
· ASUS A7V8X
· BricsCAD for Linux

New Forum Topics

· shutdown link ?
by: estirwent
on: 2013-05-11 17:46
18 replies, 6426 views

· Laptop keyboard drank soda
by: Zenn
on: 2013-04-30 00:27
1 replies, 682 views

· connecting to to internet with ubuntu
by: Zenn
on: 2013-04-30 00:26
2 replies, 4542 views

· Need Linux-compatible PS/2 expansion card
by: Zenn
on: 2013-04-30 00:26
1 replies, 752 views

· irql_not_less_or_equal blue screen
by: Zenn
on: 2013-04-30 00:25
2 replies, 1136 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android

What's New

Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

DSA 702-1: New ImageMagick packages fix several vulnerabilities

Posted by Philipp Esselbach on: 04/01/2005 09:42 AM [ Print | 0 comment(s) ]

New ImageMagick packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 702-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 1st, 2005 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : imagemagick
Vulnerability : several
Problem-Type : local (remote)
Debian-specific: no
CVE IDs : CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0762
BugTraq ID : 12875
Debian Bug : 297990

Several vulnerabilities have been discovered in ImageMagick, a commonly used image manipulation library. These problems can be exploited by a carefully crafted graphic image. The Common Vulnerabilities and Exposures project identifies the following problems:

CAN-2005-0397

Tavis Ormandy discovered a format string vulnerability in the filename handling code which allows a remote attacker to cause a denial of service and possibly execute arbitrary code.

CAN-2005-0759

Andrei Nigmatulin discovered a denial of service condition which can be caused by an invalid tag in a TIFF image.

CAN-2005-0760

Andrei Nigmatulin discovered that the TIFF decoder is vulnerable to accessing memory out of bounds which will result in a segmentation fault.

CAN-2005-0762

Andrei Nigmatulin discovered a buffer overflow in the SGI parser which allows a remote attacker to execute arbitrary code via a specially crafted SGI image file.

For the stable distribution (woody) these problems have been fixed in version 5.4.4.5-1woody6.

For the unstable distribution (sid) these problems have been fixed in version 6.0.6.2-2.2.

We recommend that you upgrade your imagemagick package.

Upgrade Instructions
---------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
---------------------------------

Source archives:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6.dsc
Size/MD5 checksum: 852 a15c9207799f081dd98137741ea6ff3a
http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6.diff.gz
Size/MD5 checksum: 16745 4d7ca7465c6ddccf2469daa50708bb10
http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5.orig.tar.gz
Size/MD5 checksum: 3901237 f35e356b4ac1ebc58e3cffa7ea7abc07

Alpha architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_alpha.deb
Size/MD5 checksum: 1309984 ba338db7c136e444624ea1baf4542882
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_alpha.deb
Size/MD5 checksum: 154312 e84ecca66a19e9ab19c5cdccc7b50cf2
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_alpha.deb
Size/MD5 checksum: 56504 97107fda4a8fdab9f94878dc0c64099f
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_alpha.deb
Size/MD5 checksum: 833508 d509ef8f730fbb1859c25e80ed541631
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_alpha.deb
Size/MD5 checksum: 67496 4cea2503f109812d1e9b15c59864a162
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_alpha.deb
Size/MD5 checksum: 114002 c36b4b799a35aafdeea7e15812b9317f

ARM architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_arm.deb
Size/MD5 checksum: 1297364 311a8c69fe6e5c9fb07cd46a9efe9b6c
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_arm.deb
Size/MD5 checksum: 118998 7a4e8fbf7fc3c4ef0cd7a55a94aedebb
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_arm.deb
Size/MD5 checksum: 56568 6d15686630d656bde0154bc2198737e9
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_arm.deb
Size/MD5 checksum: 898982 99b8e3cd11b6628d5bc8b1ce3631661a
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_arm.deb
Size/MD5 checksum: 67566 64d6832600f49dd5cc521200d6a3aaff
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_arm.deb
Size/MD5 checksum: 110130 a1183bf2e0f132242e12e61ff2709579

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_i386.deb
Size/MD5 checksum: 1294944 68e814230b7f1d9541b6425a308202ad
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_i386.deb
Size/MD5 checksum: 122958 1e8124a2a00f4313f53fed519f597934
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_i386.deb
Size/MD5 checksum: 56520 93d4e5a3fe8b73186144c3c32da1c7a5
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_i386.deb
Size/MD5 checksum: 772790 b7aa7c91e2f0ccc8459659e50d2c3e29
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_i386.deb
Size/MD5 checksum: 67516 bb9f2f32b01674c9251b3384a7ea7ecb
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_i386.deb
Size/MD5 checksum: 107116 62dd2d24f082e40ee99ad34804571732

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_ia64.deb
Size/MD5 checksum: 1336402 6b3759a5668e38fffbe4d7b42815fce9
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_ia64.deb
Size/MD5 checksum: 137224 d14afd94727d4adc452acff048e6532c
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_ia64.deb
Size/MD5 checksum: 56492 c1449b54caaa5cb44522b4e1bf726100
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_ia64.deb
Size/MD5 checksum: 1360250 f6a07a004cdde46a4ca63e9342c2c263
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_ia64.deb
Size/MD5 checksum: 67496 34645b0a4d2e91a1e3e5be40f79b7831
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_ia64.deb
Size/MD5 checksum: 133128 fc4146c8b9e40d7d1fafc446cfe9f5f9

HP Precision architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_hppa.deb
Size/MD5 checksum: 1297598 439b7582db0bf3d81ecb07828d0f2193
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_hppa.deb
Size/MD5 checksum: 133080 839a81effa97b63cc94c1d017be5a111
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_hppa.deb
Size/MD5 checksum: 56538 8b3d64f7b275b6b162a3b5ab8c308f87
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_hppa.deb
Size/MD5 checksum: 860082 9b1af5e4b8bbec6e444b4c064eca20db
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_hppa.deb
Size/MD5 checksum: 67536 81ff1905a0cc25a08c7933854c8870b5
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_hppa.deb
Size/MD5 checksum: 117380 4b508a87b1adf0df70b01776ac12ecde

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_m68k.deb
Size/MD5 checksum: 1292754 200fcc0ede095f3664278142a3616826
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_m68k.deb
Size/MD5 checksum: 134232 6d630d0cf31bca101414eaf85bfad676
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_m68k.deb
Size/MD5 checksum: 56568 8d36f2552a7a243830d686b341475ac5
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_m68k.deb
Size/MD5 checksum: 752122 a20851d31e0414e0f711483f7c0880b5
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_m68k.deb
Size/MD5 checksum: 67548 6d4d8d54045d3536382813636c772ddb
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_m68k.deb
Size/MD5 checksum: 107638 fa7e7f41400e0d1e6ab1a023f0b3680a

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_mips.deb
Size/MD5 checksum: 1295080 7c56fcf5c91d7e150f5ffdd918a59f0d
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_mips.deb
Size/MD5 checksum: 120514 0acf33b18ed3d13cb91123470ea119e3
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_mips.deb
Size/MD5 checksum: 56542 f4059130ba28f7b5aaee65eb8b309034
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_mips.deb
Size/MD5 checksum: 733268 72e09e1882693c1ce23b1e4af7bff832
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_mips.deb
Size/MD5 checksum: 67536 5d8b6d466b1d196958fdb4af25aceac1
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_mips.deb
Size/MD5 checksum: 103552 bedac29cebdb07de2cfcaacc74f2cd95

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_mipsel.deb
Size/MD5 checksum: 1294986 d019d898ebf34e294d22de0961766cb1
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_mipsel.deb
Size/MD5 checksum: 114194 a0938f3c642123d54eed414849c6a208
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_mipsel.deb
Size/MD5 checksum: 56540 96a61a77e9f4586f376e426e9fd38f60
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_mipsel.deb
Size/MD5 checksum: 721260 0d391b1dacecfe583be7475839b60f44
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_mipsel.deb
Size/MD5 checksum: 67532 185ed4d1909ce47b330c2dcccf556cfa
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_mipsel.deb
Size/MD5 checksum: 103082 71995a7aa491caf5934372dcbe5a0f25

PowerPC architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_powerpc.deb
Size/MD5 checksum: 1291654 8668dc869e092374cf065577efe0299c
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_powerpc.deb
Size/MD5 checksum: 136166 3e82b082adb87fcac9d7de985c1e5569
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_powerpc.deb
Size/MD5 checksum: 56530 477261d1d2ba7e708489e421f16f9169
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_powerpc.deb
Size/MD5 checksum: 786508 94134153d2197af796b361570c0eabc8
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_powerpc.deb
Size/MD5 checksum: 67524 d98810b21696d04234de762965538249
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_powerpc.deb
Size/MD5 checksum: 112134 934550e0901466a6cde901ae495a3a22

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_s390.deb
Size/MD5 checksum: 1292328 718d9b153f4ef476c87d5edd7a49e17b
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_s390.deb
Size/MD5 checksum: 132222 9884c69ac67a3bbdc816c3fa99754da7
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_s390.deb
Size/MD5 checksum: 56522 4d78d6cf4bf65450c96a3b790253bfbe
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_s390.deb
Size/MD5 checksum: 778350 8d9559caafcf89f5a3ac7ca176590868
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_s390.deb
Size/MD5 checksum: 67526 bcc3415a9a8713de9090a02574619519
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_s390.deb
Size/MD5 checksum: 109200 cd42c80bc62007d844e968cbbcdd552c

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody6_sparc.deb
Size/MD5 checksum: 1295418 d4856270abcdd7f13edeb936b6fef130
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody6_sparc.deb
Size/MD5 checksum: 124058 398f89e2b26f3de378c8637a7918295d
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody6_sparc.deb
Size/MD5 checksum: 56536 401e2418f5e0467a873cc085c97f5cd6
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody6_sparc.deb
Size/MD5 checksum: 802868 058c06b4bba2b2a5349ff75444eaa236
http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody6_sparc.deb
Size/MD5 checksum: 67526 bf83c12f85bfe35bcaefa60c8d2054d4
http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody6_sparc.deb
Size/MD5 checksum: 113100 94154ee3f7695ecdaebb0a39548f4908

These files will probably be moved into the stable distribution on its next update.

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2013 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition