drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in ImageMagick
Name: |
Zwei Probleme in ImageMagick |
|
ID: |
TLSA-2005-75 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 7 Workstation, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal |
|
Datum: |
Sa, 3. September 2005, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1739 |
|
Applikationen: |
ImageMagick |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2005-75 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 06 Jul 2005 Last revised: 03 Aug 2005
Package: ImageMagick
Summary: Two vulnerabilities discovered ImageMagick
More information: ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF and Photo CD image file formats.
- A Heap-based buffer overflow vulnerability exists in ImageMagick. - ImageMagick may allow attackers to cause a denial of service (infinite loop).
Impact: These vulerabilities may allow remote attackers to execute arbitrary code, and/or allow attackers to cause a denial of service via malformed PNM, XWD image files.
Affected Products: - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 8 Workstation - Turbolinux 7 Server - Turbolinux 7 Workstation
Solution: Please use the turbopkg (zabom) tool to apply the update. --------------------------------------------- [Turbolinux 10 Server] # turbopkg or # zabom -u ImageMagick ImageMagick-c++ ImageMagick-devel ImageMagick-perl
[Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal] # turbopkg or # zabom -u ImageMagick ImageMagick-devel
[Turbolinux 8 Server] # turbopkg or # zabom update ImageMagick ImageMagick-c++ ImageMagick-devel ImageMagick-perl
[other] # turbopkg or # zabom update ImageMagick ImageMagick-devel ---------------------------------------------
<Turbolinux 10 Server>
Source Packages Size: MD5
ImageMagick-6.0.5-8.src.rpm 7514308 e9daa3af8ee537f4d869b5ecef554173
Binary Packages Size: MD5
ImageMagick-6.0.5-8.i586.rpm 4363655 73906b405c975b14cf56c67831f40c7b ImageMagick-c++-6.0.5-8.i586.rpm 306773 78871191ce61eadd63cfea6bf3475aa2 ImageMagick-devel-6.0.5-8.i586.rpm 785882 3aa060ebed655429490e47820288bf4e ImageMagick-perl-6.0.5-8.i586.rpm 74122 5b2c25cdbab5daa33f6899ac981d1ac2
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
ImageMagick-6.0.5-8.src.rpm 7514308 56d51b61bd67ffa460410c597d144093
Binary Packages Size: MD5
ImageMagick-6.0.5-8.i586.rpm 4370553 a59cbd05249fa783044411b05347c822 ImageMagick-devel-6.0.5-8.i586.rpm 784769 6708f39694bac1ec0cc560858a8731a5
<Turbolinux 8 Server>
Source Packages Size: MD5
ImageMagick-5.4.7-6.src.rpm 3619144 e40f0006350c77462cee8ae7b853679b
Binary Packages Size: MD5
ImageMagick-5.4.7-6.i586.rpm 3208246 17be28c277b6c3efb136f3da462b9a0d ImageMagick-c++-5.4.7-6.i586.rpm 1392389 a6536c2ae9a9ffc715b3a469abd126c1 ImageMagick-devel-5.4.7-6.i586.rpm 856126 3f56e9ed747e421ac77124775e4511f1 ImageMagick-perl-5.4.7-6.i586.rpm 60501 ac1980662ac21fc0846e8aefa36009d3
<Turbolinux 8 Workstation>
Source Packages Size: MD5
ImageMagick-5.4.3-5.src.rpm 3668382 f6fc9d829ef472fe7ceb1b9fd17faab3
Binary Packages Size: MD5
ImageMagick-5.4.3-5.i586.rpm 3668836 2ce973bd884111f9fcf1a54309edb555 ImageMagick-devel-5.4.3-5.i586.rpm 971691 4571ab2d93ab08e69cebcb03c097b8e2
<Turbolinux 7 Server>
Source Packages Size: MD5
ImageMagick-5.3.3-6.src.rpm 3660398 938024c85b07e0bea80009aca098124e
Binary Packages Size: MD5
ImageMagick-5.3.3-6.i586.rpm 3039351 dfcf3c844a75160469dca07cb3de23c3 ImageMagick-devel-5.3.3-6.i586.rpm 1266831 bff89b098bded2efbf8c7f2b3fce8aae
<Turbolinux 7 Workstation>
Source Packages Size: MD5
ImageMagick-5.3.3-6.src.rpm 3660398 3f319af8bac1b18a5584214d44a32ae6
Binary Packages Size: MD5
ImageMagick-5.3.3-6.i586.rpm 3039165 77d4619d3f539729aaec31238ab5d689 ImageMagick-devel-5.3.3-6.i586.rpm 1267652 bd1f521546b40202e7c49b421082e1f5
References:
CVE [CAN-2005-1275] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1275 [CAN-2005-1739] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1739
-------------------------------------------------------------------------- Revision History 06 Jul 2005 Initial release 03 Aug 2005 Added Turbolinux Multimedia, Turbolinux Personal to "Affected Products" --------------------------------------------------------------------------
Copyright(C) 2005 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFC8G6SK0LzjOqIJMwRAiaeAJ9yPSqYlvqjbgLWaDkAu4YBeaRX8ACglcsq dYeaz+MVSMl1MUJhkaywl+8= =i/E3 -----END PGP SIGNATURE-----
|
|
|
|