User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2006-1285 (ImageMagick)

From:  "Norm Murray" <nmurray@redhat.com>
To:  fedora-package-announce@redhat.com
Subject:  [SECURITY] Fedora Core 6 Update: ImageMagick-6.2.8.0-3.fc6.1
Date:  Wed, 22 Nov 2006 11:24:00 -0500

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2006-1285 2006-11-22 --------------------------------------------------------------------- Product : Fedora Core 6 Name : ImageMagick Version : 6.2.8.0 Release : 3.fc6.1 Summary : An X application for displaying and manipulating images. Description : ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more. ImageMagick is one of your choices if you need a program to manipulate and dis play images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well. --------------------------------------------------------------------- Update Information: Security update fixing possible overflows in handling of PALM and DCM images. --------------------------------------------------------------------- * Wed Nov 15 2006 Norm Murray <nmurray@redhat.com> - 6.2.8.0-3.fc6.1 - fix more overflows (#210921, CVE-2006-5456) * Wed Aug 23 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.8.0-3.fc6 - fix several integer and buffer overflows (#202193, CVE-2006-3743) - fix more integer overflows (#202771, CVE-2006-4144) * Mon Jul 24 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.8.0-2 - Add missing BRs * Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 6.2.8.0-1.1 - rebuild * Fri Jun 9 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.8-1 - Update to 6.2.8 * Fri Jun 2 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.5.4-7 - Fix multilib issues * Thu May 25 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.5.4-6 - Fix a heap overflow CVE-2006-2440 (#192279) - Include required .la files * Mon Mar 20 2006 Matthias Clasen <mclasen@redhat.com> - 6.2.5.4-5 - Don't ship .la and .a files (#185237) * Mon Feb 13 2006 Jesse Keating <jkeating@redhat.com> - 6.2.5.4-4.2.1 - rebump for build order issues during double-long bump * Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 6.2.5.4-4.2 - bump again for double-long bug on ppc(64) * Tue Feb 7 2006 Jesse Keating <jkeating@redhat.com> - 6.2.5.4-4.1 - rebuilt for new gcc4.1 snapshot and glibc changes * Mon Jan 30 2006 Matthias Clasen <mclasen@redhat.com> 6.2.5.4-4 - Make -devel require lcms-devel (#179200) * Mon Jan 23 2006 Matthias Clasen <mclasen@redhat.com> 6.2.5.4-3 - Fix linking of DSOs. (#176695) * Mon Jan 9 2006 Matthias Clasen <mclasen@redhat.com> 6.2.5.4-2 - fix a format string vulnerability (CVE-2006-0082) * Fri Dec 9 2005 Jesse Keating <jkeating@redhat.com> - rebuilt * Tue Nov 1 2005 Matthias Clasen <mclasen@redhat.com> 6.2.5.4-1 - Switch requires to modular X - Update to 6.2.5 * Tue Sep 20 2005 Matthias Clasen <mclasen@redhat.com> 6.2.4.6-1 - Update to 6.2.4-6 - Drop upstreamed patches - Disable DPS (#158984) - Add missing requires (#165931) * Thu Jun 9 2005 Tim Waugh <twaugh@redhat.com> 6.2.2.0-4 - Rebuilt for fixed ghostscript. * Mon Jun 6 2005 Tim Waugh <twaugh@redhat.com> 6.2.2.0-3 - Rebuilt for new ghostscript. * Thu May 26 2005 <mclasen@redhat.com> - 6.2.2.0-2 - fix a denial of service in the xwd coder (#158791, CAN-2005-1739) * Tue Apr 26 2005 Matthias Clasen <mclasen@redhat.com> - 6.2.2.0-1 - Update to 6.2.2 to fix a heap corruption issue in the pnm coder. * Mon Apr 25 2005 Matthias Clasen <mclasen@redhat.com> - 6.2.1.7-4 - .la files for modules are needed, actually * Mon Apr 25 2005 Matthias Clasen <mclasen@redhat.com> - 6.2.1.7-3 - Really remove .la files for modules * Mon Apr 25 2005 <mclasen@redhat.com> - 6.2.1.7-1 - Update to 6.2.1 - Include multiple improvements and bugfixes by Rex Dieter et al (111961, 145466, 151196, 149970, 146518, 113951, 145449, 144977, 144570, 139298) * Sun Apr 24 2005 <mclasen@redhat.com> - 6.2.0.7-3 - Make zip compression work for tiff (#154045) * Wed Mar 16 2005 <mclasen@redhat.com> - 6.2.0.7-2 - Update to 6.2.0 to fix a number of security issues: - Drop a lot of upstreamed patches * Wed Mar 2 2005 Matthias Clasen <mclasen@redhat.com> 6.0.7.1-7 - rebuild with gcc4 - remove an extraneous vsnprintf prototype which causes gcc4 to complain * Mon Oct 11 2004 Tim Waugh <twaugh@redhat.com> 6.0.7.1-4 - The devel subpackage requires XFree86-devel (bug #126509). - Fixed build requirements (bug #120776). From Robert Scheck. * Tue Sep 14 2004 Karsten Hopp <karsten@redhat.de> 6.0.7.1-3 - move *.mgk files (#132007, #131708, #132397) * Sun Sep 12 2004 Karsten Hopp <karsten@redhat.de> 6.0.7.1-1 - update to 6.0.7 Patchlevel 1, fixes #132106 * Sat Sep 4 2004 Bill Nottingham <notting@redhat.com> 6.0.6.2-2 - move libWand out of -devel, fix requirements (#131767) * Wed Sep 1 2004 Karsten Hopp <karsten@redhat.de> 6.0.6.2-1 - update to latest stable version - get rid of obsolete patches - fix remaining patches * Sat Jun 19 2004 Alan Cox <alan@redhat.com> - Easyfixes (#124791) - fixed missing dependancy between -devel and libexif-devel * Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com> - rebuilt * Tue Mar 23 2004 Karsten Hopp <karsten@redhat.de> 5.5.7.15-1.3 - freetype patch to fix convert (#115716) * Tue Mar 2 2004 Elliot Lee <sopwith@redhat.com> - rebuilt * Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com> - rebuilt * Sun Jan 25 2004 Nils Philippsen <nphilipp@redhat.com> 5.5.7.15-0.2 - make perl module link against the built library instead of the installed one * Thu Jan 22 2004 Nils Philippsen <nphilipp@redhat.com> 5.5.7.15-0.1 - version 5.5.7 patchlevel 15 * Mon Oct 13 2003 Nils Philippsen <nphilipp@redhat.com> 5.5.7.10-0.1 - rebuild with release 0.1 to not block an official update package * Wed Sep 10 2003 Nils Philippsen <nphilipp@redhat.com> 5.5.7.10-2 - hack around libtool stupidity - disable automake patch as we require automake-1.7 anyway * Wed Sep 10 2003 Nils Philippsen <nphilipp@redhat.com> 5.5.7.10-1 - version 5.5.7 patchlevel 10 * Wed Jun 4 2003 Elliot Lee <sopwith@redhat.com> - rebuilt * Thu May 29 2003 Tim Powers <timp@redhat.com> -4 - rebuild for RHEL to fix broken deps * Thu May 15 2003 Tim Powers <timp@redhat.com> 5.5.6-3 - rebuild again to fix broken dep on libMagick.so.5 * Mon May 12 2003 Karsten Hopp <karsten@redhat.de> 5.5.6-2 - rebuild * Fri May 9 2003 Karsten Hopp <karsten@redhat.de> 5.5.6-1 - update - specfile fixes - verified that the upstream version fixes the following bugreports: * Wed Jan 22 2003 Tim Powers <timp@redhat.com> - rebuilt * Sat Jan 4 2003 Jeff Johnson <jbj@redhat.com> 5.4.7-9 - use internal dep generator. * Mon Dec 16 2002 Tim Powers <timp@redhat.com> 5.4.7-8 - rebuild * Sat Dec 14 2002 Tim Powers <timp@redhat.com> 5.4.7-7 - don't use rpms internal dep generator * Fri Nov 22 2002 Tim Powers <timp@redhat.com> - fix perl paths in file list * Thu Nov 21 2002 Tim Powers <timp@redhat.com> - lib64'ize - don't throw stuff in /usr/X11R6, that's for X only - remove files we aren't shipping * Sat Aug 10 2002 Elliot Lee <sopwith@redhat.com> - rebuilt with gcc-3.2 (we hope) * Tue Jul 23 2002 Tim Powers <timp@redhat.com> 5.4.7-4 - build using gcc-3.2-0.1 * Wed Jul 3 2002 Karsten Hopp <karsten@redhat.de> 5.4.7-3 - fix non-cpp headers in -devel package - fix #62157 (wrong path for include files in ImageMagick-devel) - fix #63897 (use _target instead of _arch) in libtool workaround - fix #65860, #65780 (tiff2ps) expands images to >10 MB Postscript files. * Mon Jul 1 2002 Karsten Hopp <karsten@redhat.de> 5.4.7-1 - update - fix localdoc patch - fix %files section - disable nonroot patch - fix #62100,55950,62162,63136 (display doesn't start form gnome menu) - fix libtool workaround - moved Magick*-config into -devel package (#64249) * Sun May 26 2002 Tim Powers <timp@redhat.com> - automated rebuild * Mon May 6 2002 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.6-1 - 5.4.6 * Thu Mar 14 2002 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.3.11-1 - Update to pl 11 * Fri Feb 22 2002 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.3.5-1 - Update to 5.4.3 pl5; this fixes #58080 * Thu Jan 17 2002 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.2.3-1 - Patchlevel 3 * Wed Jan 9 2002 Tim Powers <timp@redhat.com> - automated rebuild * Fri Jan 4 2002 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.2.2-1 - Update to 5.4.2-2 - Fix #57923, also don't hardcode netscape as html viewer * Wed Dec 5 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.1-1 - 5.4.1 - Link against new libstdc++ * Fri Nov 9 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.0.5-1 - 5.4.0.5 - Make the error message when trying to display an hpgl file more explicit (#55875) * Mon Nov 5 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.0.3-1 - 5.4.0.3 - Fix names of man pages * Mon Oct 22 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.4.0-1 - 5.4.0 - work around build system breakage causing applications to be named ppc-redhat-linux-foo rather than foo * Wed Sep 19 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.9-1 - 5.3.9 * Mon Aug 27 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.8-3 - Add delegates.mgk back, got lost during the update to 5.3.8 (Makefile bug) (#52611) * Mon Aug 20 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.8-2 - Remove Magick++ includes from -devel, they're already in -c++-devel (#51590) * Sat Jul 28 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.8-1 - 5.3.8 (bugfix release) * Fri Jul 27 2001 Than Ngo <than@redhat.com> 5.3.7-3 - fix to build Perlmagic on s390 s390x * Thu Jul 26 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.7-2 - Add delegates.mgk to the package (#50725) * Tue Jul 24 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.7-1 - 5.3.7 - Fix build without previously installed ImageMagick-devel (#49816) - Move perl bindings to a separate package. * Mon Jul 9 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.6-2 - Fix build as non-root again - Shut up rpmlint * Tue Jul 3 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.6-1 - 5.3.6 - Get rid of the ia64 patch, it's no longer needed since glibc was fixed * Sat Jun 16 2001 Than Ngo <than@redhat.com> - update to 5.3.5 - cleanup specfile * Sat May 19 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.3-2 - 5.3.3-respin, fixes #41196 * Tue May 1 2001 Bernhard Rosenkraenzer <bero@redhat.com> 5.3.3-1 - 5.3.3 - Add a desktop file for "display" (RFE#17417) * Sun Apr 15 2001 Bernhard Rosenkraenzer <bero@redhat.com> - 5.3.2 - work around bugs in ia64 glibc headers * Mon Jan 8 2001 Florian La Roche <Florian.LaRoche@redhat.de> - remove patch for s390, it is not necessary * Mon Jan 1 2001 Bernhard Rosenkraenzer <bero@redhat.com> - 5.2.7 * Wed Dec 27 2000 Bernhard Rosenkraenzer <bero@redhat.com> - 5.2.6 * Mon Dec 18 2000 Than Ngo <than@redhat.com> - ported to s390 * Mon Sep 25 2000 Bernhard Rosenkraenzer <bero@redhat.com> - 5.2.4 - Fix up and package the C++ bindings in the new c++/c++-devel packages. * Wed Aug 2 2000 Matt Wilson <msw@redhat.com> - rebuild against new libpng * Wed Jul 19 2000 Nalin Dahyabhai <nalin@redhat.com> - include images with docs (#10312) * Thu Jul 13 2000 Matt Wilson <msw@redhat.com> - don't build with -ggdb, use -g instead. * Wed Jul 12 2000 Prospector <bugzilla@redhat.com> - automatic rebuild * Mon Jul 3 2000 Florian La Roche <laroche@redhat.com> - update to 5.2.2 beta * Mon Jul 3 2000 Florian La Roche <laroche@redhat.com> - update to 5.2.1, redone patches as they failed * Fri Jun 30 2000 Matt Wilson <msw@redhat.com> - remove hacks to move perl man pages - don't include the perl*/man stuff, these files go in /usr/share/man now. * Thu Jun 15 2000 Nalin Dahyabhai <nalin@redhat.com> - disable optimization on Alpha and Sparc * Wed Jun 14 2000 Nalin Dahyabhai <nalin@redhat.com> - update to 5.2.0 - update URL - remove redundant CXXFLAGS=$RPM_OPT_FLAGS * Thu Jun 1 2000 Matt Wilson <msw@redhat.com> - bootstrap rebuilt to nuke broken libbz2 deps - add Prefix: tag such that the FHS macros work properly * Wed May 17 2000 Trond Eivind Glomsrød <teg@redhat.com> - now compiles with bzip2 1.0 - changed buildroot to include version * Fri May 5 2000 Bill Nottingham <notting@redhat.com> - fix compilation with new perl * Sat Mar 18 2000 Bernhard Rosenkraenzer <bero@redhat.com> - 5.1.1 * Thu Feb 3 2000 Bernhard Rosenkraenzer <bero@redhat.com> - Rebuild to get compressed man pages * Thu Nov 18 1999 Michael K. Johnson <johnsonm@redhat.com> - ugly hack to print with lpr instead of lp * Mon Aug 30 1999 Bill Nottingham <notting@redhat.com> - update to 4.2.9 * Tue Aug 17 1999 Bill Nottingham <notting@redhat.com> - update to 4.2.8 * Fri Apr 9 1999 Cristian Gafton <gafton@redhat.com> - include the perl man pages as well * Tue Apr 6 1999 Michael K. Johnson <johnsonm@redhat.com> - remove --enable-16bit because it damages interoperability * Mon Apr 5 1999 Bill Nottingham <notting@redhat.com> - update to 4.2.2 - change ChangeLog to refer to actual dates. - strip binaries * Thu Apr 1 1999 Bill Nottingham <notting@redhat.com> - add more files. Oops. * Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> - auto rebuild in the new build environment (release 2) * Wed Mar 10 1999 Bill Nottingham <notting@redhat.com> - version 4.2.1 * Tue Jan 19 1999 Michael K. Johnson <johnsonm@redhat.com> - changed group * Tue Jan 19 1999 Cristian Gafton <gafton@redhat.com> - hacks to make it work with the new perl - version 4.1.0 (actually installs the sonames as 4.0.10... doh!) - make sure the libraries have the x bit on * Wed Jun 10 1998 Prospector System <bugs@redhat.com> - translations modified for de, fr * Thu May 7 1998 Prospector System <bugs@redhat.com> - translations modified for de, fr, tr * Tue Apr 21 1998 Cristian Gafton <gafton@redhat.com> - updated to 4.0.5 * Wed Apr 8 1998 Cristian Gafton <gafton@redhat.com> - updated to 4.0.4 - added BuildRoot * Thu Oct 23 1997 Donnie Barnes <djb@redhat.com> - updated from 3.8.3 to 3.9.1 - removed PNG patch (appears to be fixed) * Wed Oct 15 1997 Erik Troan <ewt@redhat.com> - build against new libpng * Thu Jul 10 1997 Erik Troan <ewt@redhat.com> - built against glibc * Thu Mar 20 1997 Michael Fulbright <msf@redhat.com> - updated to version 3.8.3. - updated source and url tags. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/u... bd778974f50b7bd90eb0e0f5719dc7ab2dc31e30 SRPMS/ImageMagick-6.2.8.0-3.fc6.1.src.rpm bd778974f50b7bd90eb0e0f5719dc7ab2dc31e30 noarch/ImageMagick-6.2.8.0-3.fc6.1.src.rpm 101eb23d4641351d9f6337ecf1acfa8ab0161306 ppc/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.ppc.rpm e78f62889cd2b5968e7c129c3b1e5b2c94851a80 ppc/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.ppc.rpm bbf7de1a2d8a55b104f867f14d4206d57a60c713 ppc/ImageMagick-perl-6.2.8.0-3.fc6.1.ppc.rpm 6a94c1ff21f63c2f227970033c2899a66e0a30cc ppc/ImageMagick-c++-6.2.8.0-3.fc6.1.ppc.rpm b7e415e1ca29791af7dc8c8b841fc49d6814f64a ppc/ImageMagick-devel-6.2.8.0-3.fc6.1.ppc.rpm 8233ebaeca2073931414d7dbe4a35a5f970526e2 ppc/ImageMagick-6.2.8.0-3.fc6.1.ppc.rpm 07d88dba255b6cdcf7527341be5e1a5d449bb646 x86_64/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.x86_64.rpm 50ba7d52e9bb870d591a4a2d03239a92c6e79088 x86_64/ImageMagick-perl-6.2.8.0-3.fc6.1.x86_64.rpm 98fac1368c3684c7863b7b939b1efaa4af6b57ad x86_64/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.x86_64.rpm 1014d4dbdd08c141bf8b1ff65e313e59b9f6f7f7 x86_64/ImageMagick-devel-6.2.8.0-3.fc6.1.x86_64.rpm f086eb7b9c5cfa13116e45cb00c38e41f7d36dab x86_64/ImageMagick-c++-6.2.8.0-3.fc6.1.x86_64.rpm cac8707d1582b854421ceb6f098a68eba2ffd8af x86_64/ImageMagick-6.2.8.0-3.fc6.1.x86_64.rpm b91b9b77605b2a2fb5e5a76333105049d8e4ffd9 i386/ImageMagick-6.2.8.0-3.fc6.1.i386.rpm 226933a8b544ea12c82324abe454afe3e4fb34a0 i386/ImageMagick-devel-6.2.8.0-3.fc6.1.i386.rpm 4409d0d5a6bdb9e0c8599ab0c1f56ecd94739a84 i386/ImageMagick-c++-6.2.8.0-3.fc6.1.i386.rpm d9597f4176469dda88315e927104e8b9bf901ad9 i386/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.i386.rpm 3dced5a46c3c5679202a92c913067636e2a94967 i386/ImageMagick-perl-6.2.8.0-3.fc6.1.i386.rpm 25eaca9e8a0567d1526482fa5da41541966fdc18 i386/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds