Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVSA-2009:260 ] imagemagick

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1255058852-13155-2503

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2009:260

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : imagemagick

Date : August 8, 2009

Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,

Enterprise Server 5.0

_______________________________________________________________________

 

Problem Description:

 

A vulnerability has been found and corrected in ImageMagick,

which could lead to integer overflow in the XMakeImage function in

magick/xwindow.c, allowing remote attackers to cause a denial of

service (crash) and possibly execute arbitrary code via a crafted

TIFF file, which triggers a buffer overflow (CVE-2009-1882).

 

This update fixes this vulnerability.

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882

_______________________________________________________________________

 

Updated Packages:

 

Mandriva Linux 2008.1:

000d32ef4c7a210f723bb8abca2369a1 2008.1/i586/imagemagick-6.3.8.9-1.1mdv2008.1.i586.rpm

3bb088effcf1578730669f7090715a79 2008.1/i586/imagemagick-desktop-6.3.8.9-1.1mdv2008.1.i586.rpm

31eb071ed1805064709079f359bdccd1 2008.1/i586/imagemagick-doc-6.3.8.9-1.1mdv2008.1.i586.rpm

6201b7e4a52ef6c7835ca0002d33dade 2008.1/i586/libmagick1-6.3.8.9-1.1mdv2008.1.i586.rpm

ac1d144fb0f3b1b9c2f728b6c1fa7d38 2008.1/i586/libmagick-devel-6.3.8.9-1.1mdv2008.1.i586.rpm

98a34a50e775d92bb88d41e01beed2c8 2008.1/i586/perl-Image-Magick-6.3.8.9-1.1mdv2008.1.i586.rpm

8dc8984568f0e766616f2b1a8d6ffb3f 2008.1/SRPMS/imagemagick-6.3.8.9-1.1mdv2008.1.src.rpm

 

Mandriva Linux 2008.1/X86_64:

568ecc8b6e1d1927f8193daf92a6d822 2008.1/x86_64/imagemagick-6.3.8.9-1.1mdv2008.1.x86_64.rpm

46f7fb348d6b11c30e2f53c7b65552cf 2008.1/x86_64/imagemagick-desktop-6.3.8.9-1.1mdv2008.1.x86_64.rpm

4d5a62dff9b657c5ad24103adf5534fe 2008.1/x86_64/imagemagick-doc-6.3.8.9-1.1mdv2008.1.x86_64.rpm

1db6951bf26fb55b071ce965db0936c5 2008.1/x86_64/lib64magick1-6.3.8.9-1.1mdv2008.1.x86_64.rpm

3d9cf389175542631f558677b23d6b9e 2008.1/x86_64/lib64magick-devel-6.3.8.9-1.1mdv2008.1.x86_64.rpm

6aa6c28c70a270a5bfa3f18e33e0db0f 2008.1/x86_64/perl-Image-Magick-6.3.8.9-1.1mdv2008.1.x86_64.rpm

8dc8984568f0e766616f2b1a8d6ffb3f 2008.1/SRPMS/imagemagick-6.3.8.9-1.1mdv2008.1.src.rpm

 

Mandriva Linux 2009.0:

5864e9f2d4a68acf190615abd5f46f7e 2009.0/i586/imagemagick-6.4.2.10-5.1mdv2009.0.i586.rpm

a16e207372431f6087ca52339eeed188 2009.0/i586/imagemagick-desktop-6.4.2.10-5.1mdv2009.0.i586.rpm

8eb2185217957bcb40b83a79d579a76e 2009.0/i586/imagemagick-doc-6.4.2.10-5.1mdv2009.0.i586.rpm

d922a7bb2f34cff1e646a9e8006d1ba8 2009.0/i586/libmagick1-6.4.2.10-5.1mdv2009.0.i586.rpm

6b5e5feef320022373fef83699daff57 2009.0/i586/libmagick-devel-6.4.2.10-5.1mdv2009.0.i586.rpm

c6829d7f1f6d2822ee1eff9f8d864ae8 2009.0/i586/perl-Image-Magick-6.4.2.10-5.1mdv2009.0.i586.rpm

64160117ddae7e1b63afe0ad2501c03f 2009.0/SRPMS/imagemagick-6.4.2.10-5.1mdv2009.0.src.rpm

 

Mandriva Linux 2009.0/X86_64:

752d78e34f8af293dbc256ccce753537 2009.0/x86_64/imagemagick-6.4.2.10-5.1mdv2009.0.x86_64.rpm

f9bf9850b50914e6df3ffed1f8134aef 2009.0/x86_64/imagemagick-desktop-6.4.2.10-5.1mdv2009.0.x86_64.rpm

a23f78e65f43a72a96f9e2b3e02c128f 2009.0/x86_64/imagemagick-doc-6.4.2.10-5.1mdv2009.0.x86_64.rpm

6a5c32996c31efa050af82ebc6bf4d69 2009.0/x86_64/lib64magick1-6.4.2.10-5.1mdv2009.0.x86_64.rpm

6b0e93615ac03d283db4a51ad29ed21f 2009.0/x86_64/lib64magick-devel-6.4.2.10-5.1mdv2009.0.x86_64.rpm

1af2852fd61de493222f0bcf2d6577cb 2009.0/x86_64/perl-Image-Magick-6.4.2.10-5.1mdv2009.0.x86_64.rpm

64160117ddae7e1b63afe0ad2501c03f 2009.0/SRPMS/imagemagick-6.4.2.10-5.1mdv2009.0.src.rpm

 

Mandriva Linux 2009.1:

f2593b7f31dcb185746313e65aff44f7 2009.1/i586/imagemagick-6.5.0.2-1.1mdv2009.1.i586.rpm

e988e6b818ed5c02bd7a5ff148417b00 2009.1/i586/imagemagick-desktop-6.5.0.2-1.1mdv2009.1.i586.rpm

6d236c544e26afed4ef50e47686d872e 2009.1/i586/imagemagick-doc-6.5.0.2-1.1mdv2009.1.i586.rpm

ddfdcefc6e06b96af42465299babbf10 2009.1/i586/libmagick2-6.5.0.2-1.1mdv2009.1.i586.rpm

40770452d4b337bfe1f10748edf709dc 2009.1/i586/libmagick-devel-6.5.0.2-1.1mdv2009.1.i586.rpm

b00fc21d70701d23202007369d33ae06 2009.1/i586/perl-Image-Magick-6.5.0.2-1.1mdv2009.1.i586.rpm

4059b2a924977c1fd32957f0f795dc47 2009.1/SRPMS/imagemagick-6.5.0.2-1.1mdv2009.1.src.rpm

 

Mandriva Linux 2009.1/X86_64:

d7fdb4d090e6eb3d597a03d91b595022 2009.1/x86_64/imagemagick-6.5.0.2-1.1mdv2009.1.x86_64.rpm

9843947fcb53123bca7c8102c5aaef86 2009.1/x86_64/imagemagick-desktop-6.5.0.2-1.1mdv2009.1.x86_64.rpm

9cc98f238a7f91e46e000c6b0bcfa28a 2009.1/x86_64/imagemagick-doc-6.5.0.2-1.1mdv2009.1.x86_64.rpm

83b07458a85288b2bbeac339bf498157 2009.1/x86_64/lib64magick2-6.5.0.2-1.1mdv2009.1.x86_64.rpm

52cd08d348b044831a9c01b614f3a3d2 2009.1/x86_64/lib64magick-devel-6.5.0.2-1.1mdv2009.1.x86_64.rpm

1faa5bb19ef4b7452a4fd0feab51b4a4 2009.1/x86_64/perl-Image-Magick-6.5.0.2-1.1mdv2009.1.x86_64.rpm

4059b2a924977c1fd32957f0f795dc47 2009.1/SRPMS/imagemagick-6.5.0.2-1.1mdv2009.1.src.rpm

 

Corporate 3.0:

645ec451082e58239f0489a3fab44238 corporate/3.0/i586/ImageMagick-5.5.7.15-6.13.C30mdk.i586.rpm

8310e2514914d4e7d344ba74b7f919a3 corporate/3.0/i586/ImageMagick-doc-5.5.7.15-6.13.C30mdk.i586.rpm

3012207a86e1f5610aba7f3109e19cd7 corporate/3.0/i586/libMagick5.5.7-5.5.7.15-6.13.C30mdk.i586.rpm

76b19c2f7536f1cb2e06c542540aa9af corporate/3.0/i586/libMagick5.5.7-devel-5.5.7.15-6.13.C30mdk.i586.rpm

f06f03723173bc820fe53efe43ab8c97 corporate/3.0/i586/perl-Magick-5.5.7.15-6.13.C30mdk.i586.rpm

ea14d890c45ca09b19c48f88ba50c133 corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.13.C30mdk.src.rpm

 

Corporate 3.0/X86_64:

496d83839bfeb45fcbf39e5c1918b9b3 corporate/3.0/x86_64/ImageMagick-5.5.7.15-6.3.100mdk.x86_64.rpm

ea4fd434431ddceadd32c5ccc87b58ce corporate/3.0/x86_64/ImageMagick-doc-5.5.7.15-6.3.100mdk.x86_64.rpm

8c941260c67e4aab1a3ce8373485281d corporate/3.0/x86_64/lib64Magick5.5.7-5.5.7.15-6.3.100mdk.x86_64.rpm

b41e2a5118973a036efdcac43324cf81 corporate/3.0/x86_64/lib64Magick5.5.7-devel-5.5.7.15-6.3.100mdk.x86_64.rpm

746b63d1b815ffb216c7d934c6054426 corporate/3.0/x86_64/perl-Magick-5.5.7.15-6.3.100mdk.x86_64.rpm

ea14d890c45ca09b19c48f88ba50c133 corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.13.C30mdk.src.rpm

 

Corporate 4.0:

66c83e2b4c0a89aa486fe5eb3ea27afe corporate/4.0/i586/ImageMagick-6.2.4.3-1.9.20060mlcs4.i586.rpm

b1886a35f1a2a2129a6501275b678b71 corporate/4.0/i586/ImageMagick-doc-6.2.4.3-1.9.20060mlcs4.i586.rpm

2847cd7464510d150178b4463aac5c80 corporate/4.0/i586/libMagick8.4.2-6.2.4.3-1.9.20060mlcs4.i586.rpm

629bb7b26373844d677d2499bf154f66 corporate/4.0/i586/libMagick8.4.2-devel-6.2.4.3-1.9.20060mlcs4.i586.rpm

d05ef57b7fbbbfe5b982c09fab10ede2 corporate/4.0/i586/perl-Image-Magick-6.2.4.3-1.9.20060mlcs4.i586.rpm

ad99ab7db500fd2afb62120088cc4d28 corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.9.20060mlcs4.src.rpm

 

Corporate 4.0/X86_64:

69517bf25c2493f61b603aa58bf5b171 corporate/4.0/x86_64/ImageMagick-6.2.4.3-1.9.20060mlcs4.x86_64.rpm

bc9bdd25c5ee2900f9f5beac206f698f corporate/4.0/x86_64/ImageMagick-doc-6.2.4.3-1.9.20060mlcs4.x86_64.rpm

3f6e510d8cfa8b8e718ccac2aaab3a60 corporate/4.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.9.20060mlcs4.x86_64.rpm

87ca291036ffb59c08611042c99ea83c corporate/4.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.9.20060mlcs4.x86_64.rpm

63bcd120edab25c9c947c43e7dc9bfcd corporate/4.0/x86_64/perl-Image-Magick-6.2.4.3-1.9.20060mlcs4.x86_64.rpm

ad99ab7db500fd2afb62120088cc4d28 corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.9.20060mlcs4.src.rpm

 

Mandriva Enterprise Server 5:

1a37840782a8ae1bab37f50b81fc0134 mes5/i586/imagemagick-6.4.2.10-5.1mdvmes5.i586.rpm

22e54f467f3d46666271a581a9a96e88 mes5/i586/imagemagick-desktop-6.4.2.10-5.1mdvmes5.i586.rpm

5e9c329e028cc589d963af48d4102910 mes5/i586/imagemagick-doc-6.4.2.10-5.1mdvmes5.i586.rpm

06e75470dc9554fd589e11ff6eacc1ae mes5/i586/libmagick1-6.4.2.10-5.1mdvmes5.i586.rpm

354edabae7e2b0e2dea687111137ef62 mes5/i586/libmagick-devel-6.4.2.10-5.1mdvmes5.i586.rpm

69f0d7c697752df502404ce598ce8601 mes5/i586/perl-Image-Magick-6.4.2.10-5.1mdvmes5.i586.rpm

7514326c9caa396cf19303c9c3fe8bb2 mes5/SRPMS/imagemagick-6.4.2.10-5.1mdvmes5.src.rpm

 

Mandriva Enterprise Server 5/X86_64:

f4626dafbdabba314cb91035476f8d6a mes5/x86_64/imagemagick-6.4.2.10-5.1mdvmes5.x86_64.rpm

bf3b2922a0da494815d1d9e5d43f68f7 mes5/x86_64/imagemagick-desktop-6.4.2.10-5.1mdvmes5.x86_64.rpm

7f4e33fc5398d302d408ed8ac9476bf8 mes5/x86_64/imagemagick-doc-6.4.2.10-5.1mdvmes5.x86_64.rpm

283844cc3e0be95dfc5b90d10225d3d4 mes5/x86_64/lib64magick1-6.4.2.10-5.1mdvmes5.x86_64.rpm

a6eb1b319874c2080f8b1759d280ee65 mes5/x86_64/lib64magick-devel-6.4.2.10-5.1mdvmes5.x86_64.rpm

04ccec2c19e2f9aedd4fed4df3b4e934 mes5/x86_64/perl-Image-Magick-6.4.2.10-5.1mdvmes5.x86_64.rpm

7514326c9caa396cf19303c9c3fe8bb2 mes5/SRPMS/imagemagick-6.4.2.10-5.1mdvmes5.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFKzn36mqjQ0CJFipgRAm1oAJ4/rmywtwmIUNsUAL6JwlHTXMkUFgCg2jZ2

z3CtOJKMPXSkoU0jFrEETgU=

=CJdS

-----END PGP SIGNATURE-----

 

 

------------=_1255058852-13155-2503

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1255058852-13155-2503--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×