LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2006-929 (ImageMagick)



From:
    	      "Matthias Clasen" <mclasen@redhat.com>


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora Core 5 Update: ImageMagick-6.2.5.4-4.2.1.fc5.4


Date:
    	      Wed, 23 Aug 2006 11:03:36 -0400


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-929
2006-08-23
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : ImageMagick
Version     : 6.2.5.4
Release     : 4.2.1.fc5.4
Summary     : An X application for displaying and manipulating images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.

ImageMagick is one of your choices if you need a program to manipulate
and dis play images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.

---------------------------------------------------------------------
Update Information:

ImageMagick(TM) is an image display and manipulation tool
for the X Window System that can read and write multiple
image formats.

Tavis Ormandy discovered several integer and buffer overflow
flaws in the way ImageMagick decodes XCF, SGI, and Sun
bitmap graphic files. An attacker could execute arbitrary
code on a victim's machine if they were able to trick the
victim into opening a specially crafted image file.
(CVE-2006-3743, CVE-2006-4144)

Users of ImageMagick should upgrade to these updated
packages, which contain backported patches and are not
vulnerable to these issues. 
---------------------------------------------------------------------
* Wed Aug 23 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.5.4-4.2.1.fc5.4
- fix several integer and buffer overflows (#202193, CVE-2006-3743)
- fix more integer overflows (#202771, CVE-2006-4144)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/u...

0f625ef3e9fba0f300080e5425eee180f1e72429  SRPMS/ImageMagick-6.2.5.4-4.2.1.fc5.4.src.rpm
0f625ef3e9fba0f300080e5425eee180f1e72429  noarch/ImageMagick-6.2.5.4-4.2.1.fc5.4.src.rpm
b589debb77f932265e6a367fcaf7ec6833f39943  ppc/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.4.ppc.rpm
bc50271e8311cd8433ac37a49df8855a84ea2210  ppc/ImageMagick-devel-6.2.5.4-4.2.1.fc5.4.ppc.rpm
8ec6edae987fccf48bacc3af4e43343cc4eb9cea  ppc/ImageMagick-6.2.5.4-4.2.1.fc5.4.ppc.rpm
fda476e4f696c597d3731005adc407056dae36e3
ppc/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.4.ppc.rpm
455f3e063ee319e6c397f7f3a18670d584c74f93  ppc/ImageMagick-perl-6.2.5.4-4.2.1.fc5.4.ppc.rpm
2a788a9b6610989a463eae43e31e1ee36c1187c1  ppc/ImageMagick-c++-6.2.5.4-4.2.1.fc5.4.ppc.rpm
cc597ababf15a51f5a9d5db6fac605c9d9d7c44c  x86_64/ImageMagick-perl-6.2.5.4-4.2.1.fc5.4.x86_64.rpm
0e9ec0f8ca903bc65c0a2805e1b8e0074a87b5fc  x86_64/ImageMagick-6.2.5.4-4.2.1.fc5.4.x86_64.rpm
78b13ab2e4ba199832b14f40e739f67802383fcb
x86_64/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.4.x86_64.rpm
53ca9d9cad4a8549def9f426ff961d604852c848  x86_64/ImageMagick-c++-6.2.5.4-4.2.1.fc5.4.x86_64.rpm
b8995e667fe115191b06b0b9e8450e2ab36ed887  x86_64/ImageMagick-devel-6.2.5.4-4.2.1.fc5.4.x86_64.rpm
fc0aa4f71a558aac3d64e3a9f4c1d473a582acc8
x86_64/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.4.x86_64.rpm
94cd920ff63e1e2afb8da932b7119a13b477d507
i386/debug/ImageMagick-debuginfo-6.2.5.4-4.2.1.fc5.4.i386.rpm
1af20b86bd6ae7f56945d48cded312ca43a0ec0a  i386/ImageMagick-perl-6.2.5.4-4.2.1.fc5.4.i386.rpm
4b65ca62aee3b2909ca8f55522a7d98ffc7779cf  i386/ImageMagick-devel-6.2.5.4-4.2.1.fc5.4.i386.rpm
da50b2f35358f62e621bb49106d9ece55b2d47f2  i386/ImageMagick-c++-devel-6.2.5.4-4.2.1.fc5.4.i386.rpm
7749ef7a0e705845269394097c97ce9f4f6ce47e  i386/ImageMagick-c++-6.2.5.4-4.2.1.fc5.4.i386.rpm
3cf28da3bdb7ce078b5157d147600f97966ff274  i386/ImageMagick-6.2.5.4-4.2.1.fc5.4.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds