Red Hat: ImageMagick security vulnerability fix
Posted by Joe Shakespeare   
RedHat Linux Updated ImageMagick packages that fixes a buffer overflow are now available.

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated ImageMagick packages fix security vulnerability
Advisory ID:       RHSA-2004:636-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2004-636.html
Issue date:        2004-12-08
Updated on:        2004-12-08
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2004-0981 CAN-2004-0827
---------------------------------------------------------------------

1. Summary:

Updated ImageMagick packages that fixes a buffer overflow are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

ImageMagick(TM) is an image display and manipulation tool for the X Window
System.

A buffer overflow flaw was discovered in the ImageMagick image handler.
An attacker could create a carefully crafted image file with an improper
EXIF information in such a way that it would cause ImageMagick to execute
arbitrary code when processing the image. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0981 to
this issue.

David Eisenstein has reported that our previous fix for CAN-2004-0827, a
heap overflow flaw, was incomplete.  An attacker could create a carefully
crafted BMP file in such a way that it could cause ImageMagick to execute
arbitrary code when processing the image. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0827 to
this issue.

Users of ImageMagick should upgrade to these updated packages, which
contain a backported patch, and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

138383 - CAN-2004-0981 buffer overflow in ImageMagick's EXIF parser
130807 - CAN-2004-0827 heap overflow in BMP decoder

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ImageMagick-5.3.8-6.src.rpm
04d666060f01521d9fea24742a3f5439  ImageMagick-5.3.8-6.src.rpm

i386:
49dfa73a8b65db1b71604ff7dbed85b8  ImageMagick-5.3.8-6.i386.rpm
e1e68b14d6c637bfa9525accb884b4cb  ImageMagick-c++-5.3.8-6.i386.rpm
4fda06f1279142275c0e3f1365888590  ImageMagick-c++-devel-5.3.8-6.i386.rpm
852ce90eaa8d702e4e3c0a74b4b8ae7a  ImageMagick-devel-5.3.8-6.i386.rpm
5e35ecce0aeb39bcdcab5d307e6a289d  ImageMagick-perl-5.3.8-6.i386.rpm

ia64:
9eebb430cc2782bf8779c2b6c1ac9330  ImageMagick-5.3.8-6.ia64.rpm
03597330fda5d808c67f7e9217e6cd99  ImageMagick-c++-5.3.8-6.ia64.rpm
9a2b3cde42826d541dc25cc18b6fef82  ImageMagick-c++-devel-5.3.8-6.ia64.rpm
3ef246ab1ead8e4ac34d5fb600ba6e11  ImageMagick-devel-5.3.8-6.ia64.rpm
0f8b492a2e35876487a18cb34717530f  ImageMagick-perl-5.3.8-6.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ImageMagick-5.3.8-6.src.rpm
04d666060f01521d9fea24742a3f5439  ImageMagick-5.3.8-6.src.rpm

ia64:
9eebb430cc2782bf8779c2b6c1ac9330  ImageMagick-5.3.8-6.ia64.rpm
03597330fda5d808c67f7e9217e6cd99  ImageMagick-c++-5.3.8-6.ia64.rpm
9a2b3cde42826d541dc25cc18b6fef82  ImageMagick-c++-devel-5.3.8-6.ia64.rpm
3ef246ab1ead8e4ac34d5fb600ba6e11  ImageMagick-devel-5.3.8-6.ia64.rpm
0f8b492a2e35876487a18cb34717530f  ImageMagick-perl-5.3.8-6.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ImageMagick-5.3.8-6.src.rpm
04d666060f01521d9fea24742a3f5439  ImageMagick-5.3.8-6.src.rpm

i386:
49dfa73a8b65db1b71604ff7dbed85b8  ImageMagick-5.3.8-6.i386.rpm
e1e68b14d6c637bfa9525accb884b4cb  ImageMagick-c++-5.3.8-6.i386.rpm
4fda06f1279142275c0e3f1365888590  ImageMagick-c++-devel-5.3.8-6.i386.rpm
852ce90eaa8d702e4e3c0a74b4b8ae7a  ImageMagick-devel-5.3.8-6.i386.rpm
5e35ecce0aeb39bcdcab5d307e6a289d  ImageMagick-perl-5.3.8-6.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ImageMagick-5.3.8-6.src.rpm
04d666060f01521d9fea24742a3f5439  ImageMagick-5.3.8-6.src.rpm

i386:
49dfa73a8b65db1b71604ff7dbed85b8  ImageMagick-5.3.8-6.i386.rpm
e1e68b14d6c637bfa9525accb884b4cb  ImageMagick-c++-5.3.8-6.i386.rpm
4fda06f1279142275c0e3f1365888590  ImageMagick-c++-devel-5.3.8-6.i386.rpm
852ce90eaa8d702e4e3c0a74b4b8ae7a  ImageMagick-devel-5.3.8-6.i386.rpm
5e35ecce0aeb39bcdcab5d307e6a289d  ImageMagick-perl-5.3.8-6.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ImageMagick-5.5.6-7.src.rpm
0eca5e4139fabef268b8b94405406037  ImageMagick-5.5.6-7.src.rpm

i386:
9647bd23372123be8453f3ea2411b9d9  ImageMagick-5.5.6-7.i386.rpm
7b8262f374a5af5e62f0d6a0e7f4f45b  ImageMagick-c++-5.5.6-7.i386.rpm
15459e343c4a2bb2e651a16ae52a215c  ImageMagick-c++-devel-5.5.6-7.i386.rpm
e8ba073973164c5cb145ea3bbdca6f21  ImageMagick-devel-5.5.6-7.i386.rpm
1b048cef4ad7d7f80fe6b174304efd2f  ImageMagick-perl-5.5.6-7.i386.rpm

ia64:
e9d6b12d49f82587079d8630288d5c21  ImageMagick-5.5.6-7.ia64.rpm
76c2730209f2a419d77dcc6228bce775  ImageMagick-c++-5.5.6-7.ia64.rpm
ad56120694232886525cf73e78059d70  ImageMagick-c++-devel-5.5.6-7.ia64.rpm
5540e68ca6ad478f0c06747e0b0af6a9  ImageMagick-devel-5.5.6-7.ia64.rpm
f5d26f006e80d29379611fe429a057a5  ImageMagick-perl-5.5.6-7.ia64.rpm

ppc:
90facda803fb447e862d754a0f773a24  ImageMagick-5.5.6-7.ppc.rpm
1f7dd0b886fc4dd81f83d203cf125e1c  ImageMagick-c++-5.5.6-7.ppc.rpm
1b005351b9db9d7882bfb636d4c31d18  ImageMagick-c++-devel-5.5.6-7.ppc.rpm
a30586353d6bb70020ed3df263f1a497  ImageMagick-devel-5.5.6-7.ppc.rpm
4f2d299fb4fb9831513136d8e56ec8f9  ImageMagick-perl-5.5.6-7.ppc.rpm

s390:
7acdb99fdb3735bec4b5deaffe48638f  ImageMagick-5.5.6-7.s390.rpm
744ad5fe4fcdd1931e6a29acf52c126b  ImageMagick-c++-5.5.6-7.s390.rpm
cfb51a057018d71a439067395835434d  ImageMagick-c++-devel-5.5.6-7.s390.rpm
49aa63d472ea09bb054cd05907941f40  ImageMagick-devel-5.5.6-7.s390.rpm
fb355cd7d24232761a23231c00f9ceef  ImageMagick-perl-5.5.6-7.s390.rpm

s390x:
2c986024e9a51e4cef1157260efebc28  ImageMagick-5.5.6-7.s390x.rpm
1be22c2e7138567cd9b37f727e1eb2ad  ImageMagick-c++-5.5.6-7.s390x.rpm
557aa610b7be1d2ef6670cada21631de  ImageMagick-c++-devel-5.5.6-7.s390x.rpm
74535eac90406854a4d16432b33d9ef2  ImageMagick-devel-5.5.6-7.s390x.rpm
1120d649cfe4b12886a402280fd50b20  ImageMagick-perl-5.5.6-7.s390x.rpm

x86_64:
5dca93db805a70a5e5c63e9ad8799924  ImageMagick-5.5.6-7.x86_64.rpm
f57f942a8ed19d997f92767028a66fad  ImageMagick-c++-5.5.6-7.x86_64.rpm
c17c17e26cf6320885fb4b49a48d8d00  ImageMagick-c++-devel-5.5.6-7.x86_64.rpm
9c7bc81a718108e2e848f0cb04223492  ImageMagick-devel-5.5.6-7.x86_64.rpm
66699a74e16e141df285f25146da7a43  ImageMagick-perl-5.5.6-7.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ImageMagick-5.5.6-7.src.rpm
0eca5e4139fabef268b8b94405406037  ImageMagick-5.5.6-7.src.rpm

i386:
9647bd23372123be8453f3ea2411b9d9  ImageMagick-5.5.6-7.i386.rpm
7b8262f374a5af5e62f0d6a0e7f4f45b  ImageMagick-c++-5.5.6-7.i386.rpm
15459e343c4a2bb2e651a16ae52a215c  ImageMagick-c++-devel-5.5.6-7.i386.rpm
e8ba073973164c5cb145ea3bbdca6f21  ImageMagick-devel-5.5.6-7.i386.rpm
1b048cef4ad7d7f80fe6b174304efd2f  ImageMagick-perl-5.5.6-7.i386.rpm

x86_64:
5dca93db805a70a5e5c63e9ad8799924  ImageMagick-5.5.6-7.x86_64.rpm
f57f942a8ed19d997f92767028a66fad  ImageMagick-c++-5.5.6-7.x86_64.rpm
c17c17e26cf6320885fb4b49a48d8d00  ImageMagick-c++-devel-5.5.6-7.x86_64.rpm
9c7bc81a718108e2e848f0cb04223492  ImageMagick-devel-5.5.6-7.x86_64.rpm
66699a74e16e141df285f25146da7a43  ImageMagick-perl-5.5.6-7.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ImageMagick-5.5.6-7.src.rpm
0eca5e4139fabef268b8b94405406037  ImageMagick-5.5.6-7.src.rpm

i386:
9647bd23372123be8453f3ea2411b9d9  ImageMagick-5.5.6-7.i386.rpm
7b8262f374a5af5e62f0d6a0e7f4f45b  ImageMagick-c++-5.5.6-7.i386.rpm
15459e343c4a2bb2e651a16ae52a215c  ImageMagick-c++-devel-5.5.6-7.i386.rpm
e8ba073973164c5cb145ea3bbdca6f21  ImageMagick-devel-5.5.6-7.i386.rpm
1b048cef4ad7d7f80fe6b174304efd2f  ImageMagick-perl-5.5.6-7.i386.rpm

ia64:
e9d6b12d49f82587079d8630288d5c21  ImageMagick-5.5.6-7.ia64.rpm
76c2730209f2a419d77dcc6228bce775  ImageMagick-c++-5.5.6-7.ia64.rpm
ad56120694232886525cf73e78059d70  ImageMagick-c++-devel-5.5.6-7.ia64.rpm
5540e68ca6ad478f0c06747e0b0af6a9  ImageMagick-devel-5.5.6-7.ia64.rpm
f5d26f006e80d29379611fe429a057a5  ImageMagick-perl-5.5.6-7.ia64.rpm

x86_64:
5dca93db805a70a5e5c63e9ad8799924  ImageMagick-5.5.6-7.x86_64.rpm
f57f942a8ed19d997f92767028a66fad  ImageMagick-c++-5.5.6-7.x86_64.rpm
c17c17e26cf6320885fb4b49a48d8d00  ImageMagick-c++-devel-5.5.6-7.x86_64.rpm
9c7bc81a718108e2e848f0cb04223492  ImageMagick-devel-5.5.6-7.x86_64.rpm
66699a74e16e141df285f25146da7a43  ImageMagick-perl-5.5.6-7.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ImageMagick-5.5.6-7.src.rpm
0eca5e4139fabef268b8b94405406037  ImageMagick-5.5.6-7.src.rpm

i386:
9647bd23372123be8453f3ea2411b9d9  ImageMagick-5.5.6-7.i386.rpm
7b8262f374a5af5e62f0d6a0e7f4f45b  ImageMagick-c++-5.5.6-7.i386.rpm
15459e343c4a2bb2e651a16ae52a215c  ImageMagick-c++-devel-5.5.6-7.i386.rpm
e8ba073973164c5cb145ea3bbdca6f21  ImageMagick-devel-5.5.6-7.i386.rpm
1b048cef4ad7d7f80fe6b174304efd2f  ImageMagick-perl-5.5.6-7.i386.rpm

ia64:
e9d6b12d49f82587079d8630288d5c21  ImageMagick-5.5.6-7.ia64.rpm
76c2730209f2a419d77dcc6228bce775  ImageMagick-c++-5.5.6-7.ia64.rpm
ad56120694232886525cf73e78059d70  ImageMagick-c++-devel-5.5.6-7.ia64.rpm
5540e68ca6ad478f0c06747e0b0af6a9  ImageMagick-devel-5.5.6-7.ia64.rpm
f5d26f006e80d29379611fe429a057a5  ImageMagick-perl-5.5.6-7.ia64.rpm

x86_64:
5dca93db805a70a5e5c63e9ad8799924  ImageMagick-5.5.6-7.x86_64.rpm
f57f942a8ed19d997f92767028a66fad  ImageMagick-c++-5.5.6-7.x86_64.rpm
c17c17e26cf6320885fb4b49a48d8d00  ImageMagick-c++-devel-5.5.6-7.x86_64.rpm
9c7bc81a718108e2e848f0cb04223492  ImageMagick-devel-5.5.6-7.x86_64.rpm
66699a74e16e141df285f25146da7a43  ImageMagick-perl-5.5.6-7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package

7. References:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.