openSUSE alert openSUSE-SU-2012:0692-1 (ImageMagick) [LWN.net]


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-updates@opensuse.org 
Subject:
    	       openSUSE-SU-2012:0692-1: moderate: update for ImageMagick 
Date:
    	       Mon,  4 Jun 2012 11:08:42 +0200 (CEST)
Message-ID:
    	       <20120604090842.5435232409@maintenance.suse.de>
Archive-link:
    	       Article, Thread
              
   openSUSE Security Update: update for ImageMagick
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0692-1
Rating:             moderate
References:         #746880 #752879 #754749 #758512 
Cross-References:   CVE-2012-0247 CVE-2012-0248 CVE-2012-0259
                    CVE-2012-0260 CVE-2012-1185 CVE-2012-1186
                    CVE-2012-1610 CVE-2012-1798
Affected Products:
                    openSUSE 12.1
                    openSUSE 11.4
______________________________________________________________________________

   An update that fixes 8 vulnerabilities is now available.

Description:

   Specially crafted files could cause overflows in ImageMagick


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.1:

      zypper in -t patch openSUSE-2012-310

   - openSUSE 11.4:

      zypper in -t patch openSUSE-2012-310

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.1 (i586 x86_64):

      ImageMagick-6.7.2.7-5.5.1
      ImageMagick-debuginfo-6.7.2.7-5.5.1
      ImageMagick-debugsource-6.7.2.7-5.5.1
      ImageMagick-devel-6.7.2.7-5.5.1
      ImageMagick-extra-6.7.2.7-5.5.1
      ImageMagick-extra-debuginfo-6.7.2.7-5.5.1
      libMagick++-devel-6.7.2.7-5.5.1
      libMagick++5-6.7.2.7-5.5.1
      libMagick++5-debuginfo-6.7.2.7-5.5.1
      libMagickCore5-6.7.2.7-5.5.1
      libMagickCore5-debuginfo-6.7.2.7-5.5.1
      libMagickWand5-6.7.2.7-5.5.1
      libMagickWand5-debuginfo-6.7.2.7-5.5.1
      perl-PerlMagick-6.7.2.7-5.5.1
      perl-PerlMagick-debuginfo-6.7.2.7-5.5.1

   - openSUSE 12.1 (x86_64):

      ImageMagick-devel-32bit-6.7.2.7-5.5.1
      libMagickCore5-32bit-6.7.2.7-5.5.1
      libMagickCore5-debuginfo-32bit-6.7.2.7-5.5.1
      libMagickWand5-32bit-6.7.2.7-5.5.1
      libMagickWand5-debuginfo-32bit-6.7.2.7-5.5.1

   - openSUSE 12.1 (noarch):

      ImageMagick-doc-6.7.2.7-5.5.1

   - openSUSE 12.1 (ia64):

      libMagickCore5-debuginfo-x86-6.7.2.7-5.5.1
      libMagickCore5-x86-6.7.2.7-5.5.1
      libMagickWand5-debuginfo-x86-6.7.2.7-5.5.1
      libMagickWand5-x86-6.7.2.7-5.5.1

   - openSUSE 11.4 (i586 x86_64):

      ImageMagick-6.6.5.8-8.71.1
      ImageMagick-debuginfo-6.6.5.8-8.71.1
      ImageMagick-debugsource-6.6.5.8-8.71.1
      ImageMagick-devel-6.6.5.8-8.71.1
      ImageMagick-extra-6.6.5.8-8.71.1
      ImageMagick-extra-debuginfo-6.6.5.8-8.71.1
      libMagick++-devel-6.6.5.8-8.71.1
      libMagick++4-6.6.5.8-8.71.1
      libMagick++4-debuginfo-6.6.5.8-8.71.1
      libMagickCore4-6.6.5.8-8.71.1
      libMagickCore4-debuginfo-6.6.5.8-8.71.1
      libMagickWand4-6.6.5.8-8.71.1
      libMagickWand4-debuginfo-6.6.5.8-8.71.1
      perl-PerlMagick-6.6.5.8-8.71.1
      perl-PerlMagick-debuginfo-6.6.5.8-8.71.1

   - openSUSE 11.4 (x86_64):

      libMagickCore4-32bit-6.6.5.8-8.71.1
      libMagickCore4-debuginfo-32bit-6.6.5.8-8.71.1
      libMagickWand4-32bit-6.6.5.8-8.71.1
      libMagickWand4-debuginfo-32bit-6.6.5.8-8.71.1

   - openSUSE 11.4 (noarch):

      ImageMagick-doc-6.6.5.8-8.71.1

   - openSUSE 11.4 (ia64):

      libMagickCore4-debuginfo-x86-6.6.5.8-8.71.1
      libMagickCore4-x86-6.6.5.8-8.71.1
      libMagickWand4-debuginfo-x86-6.6.5.8-8.71.1
      libMagickWand4-x86-6.6.5.8-8.71.1


References:

   http://support.novell.com/security/cve/CVE-2012-0247.html
   http://support.novell.com/security/cve/CVE-2012-0248.html
   http://support.novell.com/security/cve/CVE-2012-0259.html
   http://support.novell.com/security/cve/CVE-2012-0260.html
   http://support.novell.com/security/cve/CVE-2012-1185.html
   http://support.novell.com/security/cve/CVE-2012-1186.html
   http://support.novell.com/security/cve/CVE-2012-1610.html
   http://support.novell.com/security/cve/CVE-2012-1798.html
   https://bugzilla.novell.com/746880
   https://bugzilla.novell.com/752879
   https://bugzilla.novell.com/754749
   https://bugzilla.novell.com/758512
(Log in to post comments)