Login
Newsletter
Werbung

Sicherheit: Pufferüberläufe in ImageMagick
Aktuelle Meldungen Distributionen
Name: Pufferüberläufe in ImageMagick
ID: MDKSA-2006:223
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva 2006.0, Mandriva Corporate 4.0
Datum: Sa, 2. Dezember 2006, 02:01
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868
Applikationen: ImageMagick

Originalnachricht

This is a multi-part message in MIME format...

------------=_1165021265-16192-3794


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:223
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ImageMagick
Date : December 1, 2006
Affected: 2006.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2
before 6.2.4.5, has unknown impact and user-assisted attack vectors via
a crafted SGI image.

Updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
df62dd8449b08426a4188d5959b3f823
2006.0/i586/ImageMagick-6.2.4.3-1.4.20060mdk.i586.rpm
e87bbddff33171aae89d1d08400907a7
2006.0/i586/ImageMagick-doc-6.2.4.3-1.4.20060mdk.i586.rpm
8755d8beabe9a85f3e7a07b73d071c59
2006.0/i586/libMagick8.4.2-6.2.4.3-1.4.20060mdk.i586.rpm
2b6ae5e3b4c8e187e095442e7dcd5c24
2006.0/i586/libMagick8.4.2-devel-6.2.4.3-1.4.20060mdk.i586.rpm
d7e61aa5943b52eb374b0a2e44232e93
2006.0/i586/perl-Image-Magick-6.2.4.3-1.4.20060mdk.i586.rpm
e5875ef8dd63237d5c7c74a441b123fc
2006.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
973d1bb7026248e93c9f1a16eba0cfaf
2006.0/x86_64/ImageMagick-6.2.4.3-1.4.20060mdk.x86_64.rpm
ca759633ecf8ef52b1c34f55d5a3af6d
2006.0/x86_64/ImageMagick-doc-6.2.4.3-1.4.20060mdk.x86_64.rpm
f65de07d50364a3c861f50ce6f11fee4
2006.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.4.20060mdk.x86_64.rpm
c9e86c379bdfeb36e25bfd34e094b921
2006.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.4.20060mdk.x86_64.rpm
9d58fe1606d8f1f0f6a225df3ac58b48
2006.0/x86_64/perl-Image-Magick-6.2.4.3-1.4.20060mdk.x86_64.rpm
e5875ef8dd63237d5c7c74a441b123fc
2006.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mdk.src.rpm

Corporate 3.0:
fc15d48d236f0d1f738c795190081ddd
corporate/3.0/i586/ImageMagick-5.5.7.15-6.9.C30mdk.i586.rpm
3ba801afddeb42759aebd891971b5fce
corporate/3.0/i586/ImageMagick-doc-5.5.7.15-6.9.C30mdk.i586.rpm
35c8a337172b91501486381be4e0aa7d
corporate/3.0/i586/libMagick5.5.7-5.5.7.15-6.9.C30mdk.i586.rpm
3273f233005c79adf0602ade443de675
corporate/3.0/i586/libMagick5.5.7-devel-5.5.7.15-6.9.C30mdk.i586.rpm
8dfce9d9e00005e990c1203c1144ac34
corporate/3.0/i586/perl-Magick-5.5.7.15-6.9.C30mdk.i586.rpm
3cf9bff07102ada97373a66c5f4c6e05
corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.9.C30mdk.src.rpm

Corporate 3.0/X86_64:
0f8193fed5ac7b344398b9e99fe5bccb
corporate/3.0/x86_64/ImageMagick-5.5.7.15-6.9.C30mdk.x86_64.rpm
bdae28be1bcacf4f5bc6d9bdfa589cbd
corporate/3.0/x86_64/ImageMagick-doc-5.5.7.15-6.9.C30mdk.x86_64.rpm
fa4a5fe3e447770c33ef0596da8570fb
corporate/3.0/x86_64/lib64Magick5.5.7-5.5.7.15-6.9.C30mdk.x86_64.rpm
8af081adcd750d5edec44bf1e85e5c7d
corporate/3.0/x86_64/lib64Magick5.5.7-devel-5.5.7.15-6.9.C30mdk.x86_64.rpm
e238642447217ade5a772c4b12b492b3
corporate/3.0/x86_64/perl-Magick-5.5.7.15-6.9.C30mdk.x86_64.rpm
3cf9bff07102ada97373a66c5f4c6e05
corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.9.C30mdk.src.rpm

Corporate 4.0:
dde2f028a95732f3d5fd5bfd48ede727
corporate/4.0/i586/ImageMagick-6.2.4.3-1.4.20060mlcs4.i586.rpm
6affed772cabdc8e8eb6e6ed96efb178
corporate/4.0/i586/ImageMagick-doc-6.2.4.3-1.4.20060mlcs4.i586.rpm
426d44c76834a660ea48c09719048de2
corporate/4.0/i586/libMagick8.4.2-6.2.4.3-1.4.20060mlcs4.i586.rpm
4cc0f80f0bbfdbc1c26a497f14e2dd0d
corporate/4.0/i586/libMagick8.4.2-devel-6.2.4.3-1.4.20060mlcs4.i586.rpm
9deab133788e00cf6487a057042c3ae0
corporate/4.0/i586/perl-Image-Magick-6.2.4.3-1.4.20060mlcs4.i586.rpm
0b75266159c73fcb8a0f7027d208bee2
corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
283a0751148b3468bd3e2281d819f08d
corporate/4.0/x86_64/ImageMagick-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
48ee2e7835b97a89e27342c3a27db913
corporate/4.0/x86_64/ImageMagick-doc-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
fad038ed56f886f4656302721a616578
corporate/4.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
17b7841d6459f0a52662f43d16f09771
corporate/4.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
dbcfd793204ead891cbf779c1075287e
corporate/4.0/x86_64/perl-Image-Magick-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
0b75266159c73fcb8a0f7027d208bee2
corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFcJi1mqjQ0CJFipgRAoCvAJ9sJwsy6KmxvLwFtEyFiCoLvVHIaACgj+2v
kI0mULDMWX7ydgtZ+bArC40=
=m55O
-----END PGP SIGNATURE-----


------------=_1165021265-16192-3794
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1165021265-16192-3794--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung