---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-235
2005-03-30
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : ImageMagick
Version     : 6.2.0.7
Release     : 2.fc3
Summary     : An X application for displaying and manipulating images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.

ImageMagick is one of your choices if you need a program to manipulate
and display images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.

---------------------------------------------------------------------
Update Information:

Andrei Nigmatulin discovered a heap based buffer overflow flaw in the
ImageMagick image handler. An attacker could create a carefully crafted
Photoshop Document (PSD) image in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0005 to this issue.

A format string bug was found in the way ImageMagick handles filenames.
An attacker could execute arbitrary code on a victim's machine if they
are able to trick the victim into opening a file with a specially
crafted name. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0397 to this issue.

---------------------------------------------------------------------
* Wed Mar 16 2005  - 6.2.0.7-2.fc3

- Update to 6.2.0 to fix a number of security issues:
  - Drop a lot of upstreamed patches


---------------------------------------------------------------------
This update can be downloaded from:
  

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------
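
To check whether a host still carries an ImageMagick build older than the one in this advisory, the installed version-release can be compared against 6.2.0.7-2.fc3. The following is an added example, not part of the Fedora advisory: it reimplements RPM's segment-wise version comparison in simplified form (no epoch, `~` or `^` handling), and the sample query output is constructed.

```python
import re

# Fixed version-release taken from this advisory (FEDORA-2005-235).
FIXED_VERSION, FIXED_RELEASE = "6.2.0.7", "2.fc3"
# Package names as listed in the advisory's file list.
PACKAGES = {"ImageMagick", "ImageMagick-devel", "ImageMagick-perl",
            "ImageMagick-c++", "ImageMagick-c++-devel", "ImageMagick-debuginfo"}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Compare two version strings segment by segment, RPM style.
    Returns -1, 0 or 1. Simplified: separators are ignored, no ~ or ^ rules."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)             # drops leading zeros
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def needs_update(version, release):
    """True when version-release sorts before the fixed build."""
    c = rpmvercmp(version, FIXED_VERSION)
    if c == 0:
        c = rpmvercmp(release, FIXED_RELEASE)
    return c < 0

def triage(query_output):
    """Return sorted (name, version-release) pairs older than the fix."""
    stale = []
    for line in query_output.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] in PACKAGES and needs_update(parts[1], parts[2]):
            stale.append((parts[0], f"{parts[1]}-{parts[2]}"))
    return sorted(stale)

# Constructed sample, in the shape produced by:
#   rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'
SAMPLE = """\
ImageMagick 6.0.7.1 6
ImageMagick-devel 6.2.0.7 2.fc3
ImageMagick-perl 6.2.0.7 1.fc3
ImageMagick-c++ 6.2.1.0 1.fc3
bash 3.0 17
"""

if __name__ == "__main__":
    for name, vr in triage(SAMPLE):
        print(f"{name} {vr} is older than {FIXED_VERSION}-{FIXED_RELEASE}")
```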

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

