Mandriva update to ImageMagick [LWN.net]

From:		security-AT-mandriva.com
To:		security-announce-AT-mandrivalinux.org
Subject:		[Security Announce] [ MDKA-2006:031 ] - Updated ImageMagick packages fix infinite loop issue
Date:		Mon, 31 Jul 2006 19:15:00 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Advisory                                   MDKA-2006:031
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ImageMagick
 Date    : July 31, 2006
 Affected: Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 ImageMagick-5.5.7, in the ReadTIFFImage function, was found to be
 susceptible to a condition that consumes 100% of the system cpu
 if attempting to view a carefully crafted tif image using the 
 "display" or "identify" programs. This has already been addressed in 
 newer versions of ImageMagick and only effects the Corp3 products.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://qa.mandriva.com/show_bug.cgi?id=24016
 _______________________________________________________________________
 
 Updated Packages:
 
 Corporate 3.0:
 fd80fcd87b2b523efc8d9521b24feba2  corporate/3.0/RPMS/ImageMagick-5.5.7.15-6.6.C30mdk.i586.rpm
 78c17a0ffa5ccc30c4068efdfe736fc3  corporate/3.0/RPMS/ImageMagick-doc-5.5.7.15-6.6.C30mdk.i586.rpm
 371bdacaa57d02b7edb66a91fa70b632  corporate/3.0/RPMS/libMagick5.5.7-5.5.7.15-6.6.C30mdk.i586.rpm
 7e7c036756f56fc72602fb2812e9a2d1
corporate/3.0/RPMS/libMagick5.5.7-devel-5.5.7.15-6.6.C30mdk.i586.rpm
 ddee1bb640da67fa72cff2e92ebd4982  corporate/3.0/RPMS/perl-Magick-5.5.7.15-6.6.C30mdk.i586.rpm
 9cfbc88ac9d2fef00705d23e306393f5  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.6.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 27403874eba816c11b66e22434e88d80
x86_64/corporate/3.0/RPMS/ImageMagick-5.5.7.15-6.6.C30mdk.x86_64.rpm
 ea4dd6ab6e7d1441abdeb8d2090f9396
x86_64/corporate/3.0/RPMS/ImageMagick-doc-5.5.7.15-6.6.C30mdk.x86_64.rpm
 133cbbf96320273fe98d24e250577358
x86_64/corporate/3.0/RPMS/lib64Magick5.5.7-5.5.7.15-6.6.C30mdk.x86_64.rpm
 985816a4a57ff1eada9d9174c5746674
x86_64/corporate/3.0/RPMS/lib64Magick5.5.7-devel-5.5.7.15-6.6.C30mdk.x86_64.rpm
 4aba40f647d437541903485b48dbb92d
x86_64/corporate/3.0/RPMS/perl-Magick-5.5.7.15-6.6.C30mdk.x86_64.rpm
 9cfbc88ac9d2fef00705d23e306393f5
x86_64/corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.6.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEzpVFmqjQ0CJFipgRAjWCAKDgLuGqJ+Qhe166nl5I5wSdtf2lOgCfR7p2
na5luxlUSjVoO1E94MuSOF0=
=cIQX
-----END PGP SIGNATURE-----


To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
(Log in to post comments)