- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Moderate: ImageMagick security update
Advisory ID:       RHSA-2005:070-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2005:070.html
Issue date:        2005-03-23
Updated on:        2005-03-23
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-0005 CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0761 CAN-2005-0762
- ---------------------------------------------------------------------1. Summary:

Updated ImageMagick packages that fix a heap based buffer overflow are now
available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

ImageMagick is an image display and manipulation tool for the X Window
System.

Andrei Nigmatulin discovered a heap based buffer overflow flaw in the
ImageMagick image handler. An attacker could create a carefully crafted
Photoshop Document (PSD) image in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0005 to this issue.

A format string bug was found in the way ImageMagick handles filenames. An
attacker could execute arbitrary code on a victim's machine if they were
able to trick the victim into opening a file with a specially crafted name.
 The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0397 to this issue.

A bug was found in the way ImageMagick handles TIFF tags. It is possible
that a TIFF image file with an invalid tag could cause ImageMagick to
crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0759 to this issue.

A bug was found in ImageMagick's TIFF decoder. It is possible that a
specially crafted TIFF image file could cause ImageMagick to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0760 to this issue.

A bug was found in the way ImageMagick parses PSD files. It is possible
that a specially crafted PSD file could cause ImageMagick to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0761 to this issue.

A heap overflow bug was found in ImageMagick's SGI parser.  It is possible
that an attacker could execute arbitrary code by tricking a user into
opening a specially crafted SGI image file. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0762 to
this issue.

Users of ImageMagick should upgrade to these updated packages, which
contain backported patches, and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

145111 - CAN-2005-0005 buffer overflow in ImageMagick
150185 - CAN-2005-0397 ImageMagick format string flaw
150312 - CAN-2005-0759 Denial of Service in .tiff images with invalid TAG
150315 - CAN-2005-0760 Accessing memory outside of image during decoding of TIFF
150323 - CAN-2005-0761 Bug in parsing PSD files
150327 - CAN-2005-0762 Buffer overflow in SGI parser

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
7ea876dd7ef145131e227b93c9477c3c  ImageMagick-5.3.8-10.src.rpm

i386:
e79b17a0964f3242afe48ea977cba811  ImageMagick-5.3.8-10.i386.rpm
e613edc5a641b2826a17a014d23b561d  ImageMagick-c++-5.3.8-10.i386.rpm
73699f8ab694fc27c901dd4b24c9bbd6  ImageMagick-c++-devel-5.3.8-10.i386.rpm
208653fea7be46c37dedb8f335d9bd29  ImageMagick-devel-5.3.8-10.i386.rpm
dfef04e0cc1b1e411a79e67b03b905ac  ImageMagick-perl-5.3.8-10.i386.rpm

ia64:
de0ab5db6c53da4abc76ef97fd0983ec  ImageMagick-5.3.8-10.ia64.rpm
dc987dc03c1aba45a59051c59db887e0  ImageMagick-c++-5.3.8-10.ia64.rpm
313eab6adc60421b639c2cf76714f55a  ImageMagick-c++-devel-5.3.8-10.ia64.rpm
e964030f316ac822f1749352fa38a225  ImageMagick-devel-5.3.8-10.ia64.rpm
12124b283bc60518963483d957f71fb1  ImageMagick-perl-5.3.8-10.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
7ea876dd7ef145131e227b93c9477c3c  ImageMagick-5.3.8-10.src.rpm

ia64:
de0ab5db6c53da4abc76ef97fd0983ec  ImageMagick-5.3.8-10.ia64.rpm
dc987dc03c1aba45a59051c59db887e0  ImageMagick-c++-5.3.8-10.ia64.rpm
313eab6adc60421b639c2cf76714f55a  ImageMagick-c++-devel-5.3.8-10.ia64.rpm
e964030f316ac822f1749352fa38a225  ImageMagick-devel-5.3.8-10.ia64.rpm
12124b283bc60518963483d957f71fb1  ImageMagick-perl-5.3.8-10.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
7ea876dd7ef145131e227b93c9477c3c  ImageMagick-5.3.8-10.src.rpm

i386:
e79b17a0964f3242afe48ea977cba811  ImageMagick-5.3.8-10.i386.rpm
e613edc5a641b2826a17a014d23b561d  ImageMagick-c++-5.3.8-10.i386.rpm
73699f8ab694fc27c901dd4b24c9bbd6  ImageMagick-c++-devel-5.3.8-10.i386.rpm
208653fea7be46c37dedb8f335d9bd29  ImageMagick-devel-5.3.8-10.i386.rpm
dfef04e0cc1b1e411a79e67b03b905ac  ImageMagick-perl-5.3.8-10.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
7ea876dd7ef145131e227b93c9477c3c  ImageMagick-5.3.8-10.src.rpm

i386:
e79b17a0964f3242afe48ea977cba811  ImageMagick-5.3.8-10.i386.rpm
e613edc5a641b2826a17a014d23b561d  ImageMagick-c++-5.3.8-10.i386.rpm
73699f8ab694fc27c901dd4b24c9bbd6  ImageMagick-c++-devel-5.3.8-10.i386.rpm
208653fea7be46c37dedb8f335d9bd29  ImageMagick-devel-5.3.8-10.i386.rpm
dfef04e0cc1b1e411a79e67b03b905ac  ImageMagick-perl-5.3.8-10.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
c9df74ebf9e921c9a254015e9a60da68  ImageMagick-5.5.6-13.src.rpm

i386:
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
571d4b8252cd09388e811dab7b7d420a  ImageMagick-c++-devel-5.5.6-13.i386.rpm
d52da9fea241e7069834e43870d6e305  ImageMagick-devel-5.5.6-13.i386.rpm
0c410c10953a8641a2c58cdd79590318  ImageMagick-perl-5.5.6-13.i386.rpm

ia64:
57266d92716e2e72c4758df06c7078b1  ImageMagick-5.5.6-13.ia64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
97caf495f60b7d27b2da35e17d91b806  ImageMagick-c++-5.5.6-13.ia64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
439e8b7a4c60e7a8d3f21438aa400667  ImageMagick-c++-devel-5.5.6-13.ia64.rpm
50f8e9f478f5888153ddc4a5542250b0  ImageMagick-devel-5.5.6-13.ia64.rpm
99c88878747e363fcb12ba1edb15bb76  ImageMagick-perl-5.5.6-13.ia64.rpm

ppc:
f5c8817d0a4c7cfc309ffc91f88536cf  ImageMagick-5.5.6-13.ppc.rpm
9d50784dc7ba6f7442d91d19d4ced50d  ImageMagick-5.5.6-13.ppc64.rpm
6ec612e90b6a29e49fc9dad40632e05b  ImageMagick-c++-5.5.6-13.ppc.rpm
4307b341167d18b89ec07477044da9cf  ImageMagick-c++-5.5.6-13.ppc64.rpm
2a110d90ccf8fe7de4f7c21c95076d8a  ImageMagick-c++-devel-5.5.6-13.ppc.rpm
b7497b642ca0781a97ada5078d8c82d3  ImageMagick-devel-5.5.6-13.ppc.rpm
f50e182783d0fe2a316e44f77813501f  ImageMagick-perl-5.5.6-13.ppc.rpm

s390:
ffdc5754ae7f12c66b1f4dba743678df  ImageMagick-5.5.6-13.s390.rpm
5ab787e7742193fd5ab09d70306afda1  ImageMagick-c++-5.5.6-13.s390.rpm
fa6a3166f01de5e3af7f6dffa4c61378  ImageMagick-c++-devel-5.5.6-13.s390.rpm
a4efd895558315a4b37b977c07e392c2  ImageMagick-devel-5.5.6-13.s390.rpm
8ef03012a946a11d29c8990d782f5160  ImageMagick-perl-5.5.6-13.s390.rpm

s390x:
29cb46983c1f8e6efe0663b0a2b8a6d4  ImageMagick-5.5.6-13.s390x.rpm
ffdc5754ae7f12c66b1f4dba743678df  ImageMagick-5.5.6-13.s390.rpm
68fba7343df00dad18bfd44da9fd86fc  ImageMagick-c++-5.5.6-13.s390x.rpm
5ab787e7742193fd5ab09d70306afda1  ImageMagick-c++-5.5.6-13.s390.rpm
b2856e4eea04fc5113213361ae38e492  ImageMagick-c++-devel-5.5.6-13.s390x.rpm
159972f15e0e249ab2ef742400f7fedd  ImageMagick-devel-5.5.6-13.s390x.rpm
aabd863febeffaafb913d0513f9152c4  ImageMagick-perl-5.5.6-13.s390x.rpm

x86_64:
d4e3cfc3f690b5f0a96660eb8f15857f  ImageMagick-5.5.6-13.x86_64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
aabcec7ef0e8545b170a86246114bc64  ImageMagick-c++-5.5.6-13.x86_64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
70e707a934f7c674180d144dc54750c7  ImageMagick-c++-devel-5.5.6-13.x86_64.rpm
3a17b125eb8909661f2d0790c788cf4b  ImageMagick-devel-5.5.6-13.x86_64.rpm
9581f193326fb69a826aba2db00c6d98  ImageMagick-perl-5.5.6-13.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
c9df74ebf9e921c9a254015e9a60da68  ImageMagick-5.5.6-13.src.rpm

i386:
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
571d4b8252cd09388e811dab7b7d420a  ImageMagick-c++-devel-5.5.6-13.i386.rpm
d52da9fea241e7069834e43870d6e305  ImageMagick-devel-5.5.6-13.i386.rpm
0c410c10953a8641a2c58cdd79590318  ImageMagick-perl-5.5.6-13.i386.rpm

x86_64:
d4e3cfc3f690b5f0a96660eb8f15857f  ImageMagick-5.5.6-13.x86_64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
aabcec7ef0e8545b170a86246114bc64  ImageMagick-c++-5.5.6-13.x86_64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
70e707a934f7c674180d144dc54750c7  ImageMagick-c++-devel-5.5.6-13.x86_64.rpm
3a17b125eb8909661f2d0790c788cf4b  ImageMagick-devel-5.5.6-13.x86_64.rpm
9581f193326fb69a826aba2db00c6d98  ImageMagick-perl-5.5.6-13.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
c9df74ebf9e921c9a254015e9a60da68  ImageMagick-5.5.6-13.src.rpm

i386:
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
571d4b8252cd09388e811dab7b7d420a  ImageMagick-c++-devel-5.5.6-13.i386.rpm
d52da9fea241e7069834e43870d6e305  ImageMagick-devel-5.5.6-13.i386.rpm
0c410c10953a8641a2c58cdd79590318  ImageMagick-perl-5.5.6-13.i386.rpm

ia64:
57266d92716e2e72c4758df06c7078b1  ImageMagick-5.5.6-13.ia64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
97caf495f60b7d27b2da35e17d91b806  ImageMagick-c++-5.5.6-13.ia64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
439e8b7a4c60e7a8d3f21438aa400667  ImageMagick-c++-devel-5.5.6-13.ia64.rpm
50f8e9f478f5888153ddc4a5542250b0  ImageMagick-devel-5.5.6-13.ia64.rpm
99c88878747e363fcb12ba1edb15bb76  ImageMagick-perl-5.5.6-13.ia64.rpm

x86_64:
d4e3cfc3f690b5f0a96660eb8f15857f  ImageMagick-5.5.6-13.x86_64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
aabcec7ef0e8545b170a86246114bc64  ImageMagick-c++-5.5.6-13.x86_64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
70e707a934f7c674180d144dc54750c7  ImageMagick-c++-devel-5.5.6-13.x86_64.rpm
3a17b125eb8909661f2d0790c788cf4b  ImageMagick-devel-5.5.6-13.x86_64.rpm
9581f193326fb69a826aba2db00c6d98  ImageMagick-perl-5.5.6-13.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
c9df74ebf9e921c9a254015e9a60da68  ImageMagick-5.5.6-13.src.rpm

i386:
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
571d4b8252cd09388e811dab7b7d420a  ImageMagick-c++-devel-5.5.6-13.i386.rpm
d52da9fea241e7069834e43870d6e305  ImageMagick-devel-5.5.6-13.i386.rpm
0c410c10953a8641a2c58cdd79590318  ImageMagick-perl-5.5.6-13.i386.rpm

ia64:
57266d92716e2e72c4758df06c7078b1  ImageMagick-5.5.6-13.ia64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
97caf495f60b7d27b2da35e17d91b806  ImageMagick-c++-5.5.6-13.ia64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
439e8b7a4c60e7a8d3f21438aa400667  ImageMagick-c++-devel-5.5.6-13.ia64.rpm
50f8e9f478f5888153ddc4a5542250b0  ImageMagick-devel-5.5.6-13.ia64.rpm
99c88878747e363fcb12ba1edb15bb76  ImageMagick-perl-5.5.6-13.ia64.rpm

x86_64:
d4e3cfc3f690b5f0a96660eb8f15857f  ImageMagick-5.5.6-13.x86_64.rpm
e96c043b59ad808214398d62765884b3  ImageMagick-5.5.6-13.i386.rpm
aabcec7ef0e8545b170a86246114bc64  ImageMagick-c++-5.5.6-13.x86_64.rpm
ca5a5de88dbce63e4b68d0813dd0aa0b  ImageMagick-c++-5.5.6-13.i386.rpm
70e707a934f7c674180d144dc54750c7  ImageMagick-c++-devel-5.5.6-13.x86_64.rpm
3a17b125eb8909661f2d0790c788cf4b  ImageMagick-devel-5.5.6-13.x86_64.rpm
9581f193326fb69a826aba2db00c6d98  ImageMagick-perl-5.5.6-13.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

RedHat: Moderate: ImageMagick security update

Updated ImageMagick packages that fix a heap based buffer overflow are now available. This update has been rated as having moderate security impact by the Red Hat Security Respo...

Summary



Summary

ImageMagick is an image display and manipulation tool for the X Window System. Andrei Nigmatulin discovered a heap based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0005 to this issue. A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code on a victim's machine if they were able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue. A bug was found in the way ImageMagick handles TIFF tags. It is possible that a TIFF image file with an invalid tag could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0759 to this issue. A bug was found in ImageMagick's TIFF decoder. It is possible that a specially crafted TIFF image file could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0760 to this issue. A bug was found in the way ImageMagick parses PSD files. It is possible that a specially crafted PSD file could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0761 to this issue. A heap overflow bug was found in ImageMagick's SGI parser. It is possible that an attacker could execute arbitrary code by tricking a user into opening a specially crafted SGI image file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0762 to this issue. Users of ImageMagick should upgrade to these updated packages, which contain backported patches, and are not vulnerable to these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
145111 - CAN-2005-0005 buffer overflow in ImageMagick 150185 - CAN-2005-0397 ImageMagick format string flaw 150312 - CAN-2005-0759 Denial of Service in .tiff images with invalid TAG 150315 - CAN-2005-0760 Accessing memory outside of image during decoding of TIFF 150323 - CAN-2005-0761 Bug in parsing PSD files 150327 - CAN-2005-0762 Buffer overflow in SGI parser
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS: 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm
i386: e79b17a0964f3242afe48ea977cba811 ImageMagick-5.3.8-10.i386.rpm e613edc5a641b2826a17a014d23b561d ImageMagick-c++-5.3.8-10.i386.rpm 73699f8ab694fc27c901dd4b24c9bbd6 ImageMagick-c++-devel-5.3.8-10.i386.rpm 208653fea7be46c37dedb8f335d9bd29 ImageMagick-devel-5.3.8-10.i386.rpm dfef04e0cc1b1e411a79e67b03b905ac ImageMagick-perl-5.3.8-10.i386.rpm
ia64: de0ab5db6c53da4abc76ef97fd0983ec ImageMagick-5.3.8-10.ia64.rpm dc987dc03c1aba45a59051c59db887e0 ImageMagick-c++-5.3.8-10.ia64.rpm 313eab6adc60421b639c2cf76714f55a ImageMagick-c++-devel-5.3.8-10.ia64.rpm e964030f316ac822f1749352fa38a225 ImageMagick-devel-5.3.8-10.ia64.rpm 12124b283bc60518963483d957f71fb1 ImageMagick-perl-5.3.8-10.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS: 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm
ia64: de0ab5db6c53da4abc76ef97fd0983ec ImageMagick-5.3.8-10.ia64.rpm dc987dc03c1aba45a59051c59db887e0 ImageMagick-c++-5.3.8-10.ia64.rpm 313eab6adc60421b639c2cf76714f55a ImageMagick-c++-devel-5.3.8-10.ia64.rpm e964030f316ac822f1749352fa38a225 ImageMagick-devel-5.3.8-10.ia64.rpm 12124b283bc60518963483d957f71fb1 ImageMagick-perl-5.3.8-10.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS: 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm
i386: e79b17a0964f3242afe48ea977cba811 ImageMagick-5.3.8-10.i386.rpm e613edc5a641b2826a17a014d23b561d ImageMagick-c++-5.3.8-10.i386.rpm 73699f8ab694fc27c901dd4b24c9bbd6 ImageMagick-c++-devel-5.3.8-10.i386.rpm 208653fea7be46c37dedb8f335d9bd29 ImageMagick-devel-5.3.8-10.i386.rpm dfef04e0cc1b1e411a79e67b03b905ac ImageMagick-perl-5.3.8-10.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS: 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm
i386: e79b17a0964f3242afe48ea977cba811 ImageMagick-5.3.8-10.i386.rpm e613edc5a641b2826a17a014d23b561d ImageMagick-c++-5.3.8-10.i386.rpm 73699f8ab694fc27c901dd4b24c9bbd6 ImageMagick-c++-devel-5.3.8-10.i386.rpm 208653fea7be46c37dedb8f335d9bd29 ImageMagick-devel-5.3.8-10.i386.rpm dfef04e0cc1b1e411a79e67b03b905ac ImageMagick-perl-5.3.8-10.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS: c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm
i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm
ia64: 57266d92716e2e72c4758df06c7078b1 ImageMagick-5.5.6-13.ia64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm 97caf495f60b7d27b2da35e17d91b806 ImageMagick-c++-5.5.6-13.ia64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 439e8b7a4c60e7a8d3f21438aa400667 ImageMagick-c++-devel-5.5.6-13.ia64.rpm 50f8e9f478f5888153ddc4a5542250b0 ImageMagick-devel-5.5.6-13.ia64.rpm 99c88878747e363fcb12ba1edb15bb76 ImageMagick-perl-5.5.6-13.ia64.rpm
ppc: f5c8817d0a4c7cfc309ffc91f88536cf ImageMagick-5.5.6-13.ppc.rpm 9d50784dc7ba6f7442d91d19d4ced50d ImageMagick-5.5.6-13.ppc64.rpm 6ec612e90b6a29e49fc9dad40632e05b ImageMagick-c++-5.5.6-13.ppc.rpm 4307b341167d18b89ec07477044da9cf ImageMagick-c++-5.5.6-13.ppc64.rpm 2a110d90ccf8fe7de4f7c21c95076d8a ImageMagick-c++-devel-5.5.6-13.ppc.rpm b7497b642ca0781a97ada5078d8c82d3 ImageMagick-devel-5.5.6-13.ppc.rpm f50e182783d0fe2a316e44f77813501f ImageMagick-perl-5.5.6-13.ppc.rpm
s390: ffdc5754ae7f12c66b1f4dba743678df ImageMagick-5.5.6-13.s390.rpm 5ab787e7742193fd5ab09d70306afda1 ImageMagick-c++-5.5.6-13.s390.rpm fa6a3166f01de5e3af7f6dffa4c61378 ImageMagick-c++-devel-5.5.6-13.s390.rpm a4efd895558315a4b37b977c07e392c2 ImageMagick-devel-5.5.6-13.s390.rpm 8ef03012a946a11d29c8990d782f5160 ImageMagick-perl-5.5.6-13.s390.rpm
s390x: 29cb46983c1f8e6efe0663b0a2b8a6d4 ImageMagick-5.5.6-13.s390x.rpm ffdc5754ae7f12c66b1f4dba743678df ImageMagick-5.5.6-13.s390.rpm 68fba7343df00dad18bfd44da9fd86fc ImageMagick-c++-5.5.6-13.s390x.rpm 5ab787e7742193fd5ab09d70306afda1 ImageMagick-c++-5.5.6-13.s390.rpm b2856e4eea04fc5113213361ae38e492 ImageMagick-c++-devel-5.5.6-13.s390x.rpm 159972f15e0e249ab2ef742400f7fedd ImageMagick-devel-5.5.6-13.s390x.rpm aabd863febeffaafb913d0513f9152c4 ImageMagick-perl-5.5.6-13.s390x.rpm
x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm
Red Hat Desktop version 3:
SRPMS: c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm
i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm
x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS: c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm
i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm
ia64: 57266d92716e2e72c4758df06c7078b1 ImageMagick-5.5.6-13.ia64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm 97caf495f60b7d27b2da35e17d91b806 ImageMagick-c++-5.5.6-13.ia64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 439e8b7a4c60e7a8d3f21438aa400667 ImageMagick-c++-devel-5.5.6-13.ia64.rpm 50f8e9f478f5888153ddc4a5542250b0 ImageMagick-devel-5.5.6-13.ia64.rpm 99c88878747e363fcb12ba1edb15bb76 ImageMagick-perl-5.5.6-13.ia64.rpm
x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS: c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm
i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm
ia64: 57266d92716e2e72c4758df06c7078b1 ImageMagick-5.5.6-13.ia64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm 97caf495f60b7d27b2da35e17d91b806 ImageMagick-c++-5.5.6-13.ia64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 439e8b7a4c60e7a8d3f21438aa400667 ImageMagick-c++-devel-5.5.6-13.ia64.rpm 50f8e9f478f5888153ddc4a5542250b0 ImageMagick-devel-5.5.6-13.ia64.rpm 99c88878747e363fcb12ba1edb15bb76 ImageMagick-perl-5.5.6-13.ia64.rpm
x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762

Package List


Severity
Advisory ID: RHSA-2005:070-01
Advisory URL: https://access.redhat.com/errata/RHSA-2005:070.html
Issued Date: : 2005-03-23
Updated on: 2005-03-23
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-0005 CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0761 CAN-2005-0762 Updated ImageMagick packages that fix a heap based buffer overflow are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64

Red Hat Linux Advanced Workstation 2.1 - ia64

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Desktop version 3 - i386, x86_64

Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64


Bugs Fixed


Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved