[Full-disclosure] [FLSA-2005:152777] Updated ImageMagick packages fix security issues

From: Marc Deslauriers (marcdeslauriers_at_videotron.ca)
Date: 07/13/05

  • Next message: John Travolta: "Re: [Full-disclosure] [badroot security] Security Experts"
    Date: Tue, 12 Jul 2005 18:20:50 -0400
    To: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
    
    
    
    

    ---------------------------------------------------------------------
                   Fedora Legacy Update Advisory

    Synopsis: Updated ImageMagick packages fix security issues
    Advisory ID: FLSA:152777
    Issue date: 2005-07-12
    Product: Red Hat Linux, Fedora Core
    Keywords: Bugfix
    CVE Names: CAN-2003-0455 CAN-2004-0827 CAN-2004-0981
                       CAN-2005-0005 CAN-2005-0397 CAN-2005-0759
                       CAN-2005-0760 CAN-2005-0761 CAN-2005-0762
                       CAN-2005-1275 CAN-2005-1739
    ---------------------------------------------------------------------

    ---------------------------------------------------------------------
    1. Topic:

    Updated ImageMagick packages that fix multiple security vulnerabilities
    are now available.

    ImageMagick(TM) is an image display and manipulation tool for the X
    Window System.

    2. Relevant releases/architectures:

    Red Hat Linux 7.3 - i386
    Red Hat Linux 9 - i386
    Fedora Core 1 - i386
    Fedora Core 2 - i386

    3. Problem description:

    A temporary file handling bug has been found in ImageMagick's libmagick
    library. A local user could overwrite or create files as a different
    user if a program was linked with the vulnerable library. The Common
    Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
    name CAN-2003-0455 to this issue.

    A heap overflow flaw has been discovered in the ImageMagick image
    handler. An attacker could create a carefully crafted BMP file in such
    a way that it could cause ImageMagick to execute arbitrary code when
    processing the image. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) has assigned the name CAN-2004-0827 to this issue.

    A buffer overflow flaw was discovered in the ImageMagick image handler.
    An attacker could create a carefully crafted image file with an improper
    EXIF information in such a way that it would cause ImageMagick to
    execute arbitrary code when processing the image. The Common
    Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
    name CAN-2004-0981 to this issue.

    Andrei Nigmatulin discovered a heap based buffer overflow flaw in the
    ImageMagick image handler. An attacker could create a carefully crafted
    Photoshop Document (PSD) image in such a way that it would cause
    ImageMagick to execute arbitrary code when processing the image. The
    Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-0005 to this issue.

    A format string bug was found in the way ImageMagick handles filenames.
    An attacker could execute arbitrary code on a victim's machine if they
    were able to trick the victim into opening a file with a specially
    crafted name. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue.

    A bug was found in the way ImageMagick handles TIFF tags. It is possible
    that a TIFF image file with an invalid tag could cause ImageMagick to
    crash. The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CAN-2005-0759 to this issue.

    A bug was found in ImageMagick's TIFF decoder. It is possible that a
    specially crafted TIFF image file could cause ImageMagick to crash. The
    Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-0760 to this issue.

    A bug was found in the way ImageMagick parses PSD files. It is possible
    that a specially crafted PSD file could cause ImageMagick to crash. The
    Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-0761 to this issue.

    A heap overflow bug was found in ImageMagick's SGI parser. It is
    possible that an attacker could execute arbitrary code by tricking a
    user into opening a specially crafted SGI image file. The Common
    Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
    name CAN-2005-0762 to this issue.

    A heap based buffer overflow bug was found in the way ImageMagick parses
    PNM files. An attacker could execute arbitrary code on a victim's
    machine if they were able to trick the victim into opening a specially
    crafted PNM file. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) has assigned the name CAN-2005-1275 to this issue.

    A denial of service bug was found in the way ImageMagick parses XWD
    files. A user or program executing ImageMagick to process a malicious
    XWD file can cause ImageMagick to enter an infinite loop causing a
    denial of service condition. The Common Vulnerabilities and Exposures
    project (cve.mitre.org) has assigned the name CAN-2005-1739 to this
    issue.

    Users of ImageMagick should upgrade to these updated packages, which
    contain backported patches, and are not vulnerable to these issues.

    4. Solution:

    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.

    To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

    where [filenames] is a list of the RPMs you wish to upgrade. Only those
    RPMs which are currently installed will be updated. Those RPMs which
    are not installed but included in the list will not be updated. Note
    that you can also use wildcards (*.rpm) if your current directory *only*
    contains the desired RPMs.

    Please note that this update is also available via yum and apt. Many
    people find this an easier way to apply updates. To use yum issue:

    yum update

    or to use apt:

    apt-get update; apt-get upgrade

    This will start an interactive process that will result in the
    appropriate RPMs being upgraded on your system. This assumes that you
    have yum or apt-get configured for obtaining Fedora Legacy content.
    Please visit http://www.fedoralegacy.org/docs for directions on how to
    configure yum and apt-get.

    5. Bug IDs fixed:

    https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152777

    6. RPMs required:

    Red Hat Linux 7.3:
    SRPM:
    http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/ImageMagick-5.4.3.11-12.7.x.legacy.src.rpm

    i386:
    http://download.fedoralegacy.org/redhat/7.3/updates/i386/ImageMagick-5.4.3.11-12.7.x.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/7.3/updates/i386/ImageMagick-c++-5.4.3.11-12.7.x.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/7.3/updates/i386/ImageMagick-c++-devel-5.4.3.11-12.7.x.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/7.3/updates/i386/ImageMagick-devel-5.4.3.11-12.7.x.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/7.3/updates/i386/ImageMagick-perl-5.4.3.11-12.7.x.legacy.i386.rpm

    Red Hat Linux 9:

    SRPM:
    http://download.fedoralegacy.org/redhat/9/updates/SRPMS/ImageMagick-5.4.7-18.legacy.src.rpm

    i386:
    http://download.fedoralegacy.org/redhat/9/updates/i386/ImageMagick-5.4.7-18.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/9/updates/i386/ImageMagick-c++-5.4.7-18.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/9/updates/i386/ImageMagick-c++-devel-5.4.7-18.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/9/updates/i386/ImageMagick-devel-5.4.7-18.legacy.i386.rpm
    http://download.fedoralegacy.org/redhat/9/updates/i386/ImageMagick-perl-5.4.7-18.legacy.i386.rpm

    Fedora Core 1:

    SRPM:
    http://download.fedoralegacy.org/fedora/1/updates/SRPMS/ImageMagick-5.5.6-13.legacy.src.rpm

    i386:
    http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-5.5.6-13.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++-5.5.6-13.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++-devel-5.5.6-13.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-devel-5.5.6-13.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-perl-5.5.6-13.legacy.i386.rpm

    Fedora Core 2:

    SRPM:
    http://download.fedoralegacy.org/fedora/2/updates/SRPMS/ImageMagick-6.2.0.7-2.fc2.4.legacy.src.rpm

    i386:
    http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-6.2.0.7-2.fc2.4.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++-6.2.0.7-2.fc2.4.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
    http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-perl-6.2.0.7-2.fc2.4.legacy.i386.rpm

    7. Verification:

    SHA1 sum Package Name
    ---------------------------------------------------------------------

    7b27cf41597ccc41f50f5f3fd26a3c6cb1909bdd
    redhat/7.3/updates/i386/ImageMagick-5.4.3.11-12.7.x.legacy.i386.rpm
    83414dfc20fff160d3b1c4a695658e331c0d3377
    redhat/7.3/updates/i386/ImageMagick-c++-5.4.3.11-12.7.x.legacy.i386.rpm
    9d3a2639f252fcc0630577e8472363095c94b593
    redhat/7.3/updates/i386/ImageMagick-c++-devel-5.4.3.11-12.7.x.legacy.i386.rpm
    a45ea97141ccce7c7341bb71c45253b43b11f7f8
    redhat/7.3/updates/i386/ImageMagick-devel-5.4.3.11-12.7.x.legacy.i386.rpm
    15f0d5eb36b9aa9a747ac5dbef8711ce5ad4cd72
    redhat/7.3/updates/i386/ImageMagick-perl-5.4.3.11-12.7.x.legacy.i386.rpm
    05387637ee1ebca6c8be0a53c6e13d9823a69b49
    redhat/7.3/updates/SRPMS/ImageMagick-5.4.3.11-12.7.x.legacy.src.rpm
    a6308b069f58c6360005ea56f3feb47eaae3bd65
    redhat/9/updates/i386/ImageMagick-5.4.7-18.legacy.i386.rpm
    9f489f4e8e8b806a9633bb919f1d6c86717b7f27
    redhat/9/updates/i386/ImageMagick-c++-5.4.7-18.legacy.i386.rpm
    889cc1c0ac6d8a467d5af14f7e8d7b0e6f20d8ac
    redhat/9/updates/i386/ImageMagick-c++-devel-5.4.7-18.legacy.i386.rpm
    7e88b3ec777a2389778b8dc872893a145a18f84b
    redhat/9/updates/i386/ImageMagick-devel-5.4.7-18.legacy.i386.rpm
    b08d36cd4582a49599ae8d74c89996d154462f85
    redhat/9/updates/i386/ImageMagick-perl-5.4.7-18.legacy.i386.rpm
    a5af8dee9a7b06b0bc1b21e5765496cfd1ef7783
    redhat/9/updates/SRPMS/ImageMagick-5.4.7-18.legacy.src.rpm
    893208f6a36ec085645e3bf355b6bd4d7f4385c0
    fedora/1/updates/i386/ImageMagick-5.5.6-13.legacy.i386.rpm
    2ceb1c41c4b6e326e1b936eb5400350ab4ff6e31
    fedora/1/updates/i386/ImageMagick-c++-5.5.6-13.legacy.i386.rpm
    d30be986c274be4ed48f242c9e110fab67b242a5
    fedora/1/updates/i386/ImageMagick-c++-devel-5.5.6-13.legacy.i386.rpm
    2bd96e8c2282b2679c2b667392c406d5907bdf0b
    fedora/1/updates/i386/ImageMagick-devel-5.5.6-13.legacy.i386.rpm
    2a3c951dad27669d92b2d96def0a7c99af1ae5e2
    fedora/1/updates/i386/ImageMagick-perl-5.5.6-13.legacy.i386.rpm
    6140077bd02c06b986324ece6d8c13dc57ce7b16
    fedora/1/updates/SRPMS/ImageMagick-5.5.6-13.legacy.src.rpm
    54d9009c07aeb2fcf9bf229261db01dab803dc60
    fedora/2/updates/i386/ImageMagick-6.2.0.7-2.fc2.4.legacy.i386.rpm
    ad54fd8a3e168a327d3132180d203e1e9d1cb5d9
    fedora/2/updates/i386/ImageMagick-c++-6.2.0.7-2.fc2.4.legacy.i386.rpm
    6c5e6d0b1e190d7eb3e04caa348544f40a0be1c3
    fedora/2/updates/i386/ImageMagick-c++-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
    c57f484f174292c09b8dc5926e69a78b3f01b203
    fedora/2/updates/i386/ImageMagick-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
    74bb46945e783a9ffc8d2299924496a5f4334d79
    fedora/2/updates/i386/ImageMagick-perl-6.2.0.7-2.fc2.4.legacy.i386.rpm
    00ca9b91408f73c74d7574b4cf1247d8f6cf8749
    fedora/2/updates/SRPMS/ImageMagick-6.2.0.7-2.fc2.4.legacy.src.rpm

    These packages are GPG signed by Fedora Legacy for security. Our key is
    available from http://www.fedoralegacy.org/about/security.php

    You can verify each package with the following command:

        rpm --checksig -v <filename>

    If you only wish to verify that each package has not been corrupted or
    tampered with, examine only the sha1sum with the following command:

        sha1sum <filename>

    8. References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1275
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1739

    9. Contact:

    The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More
    project details at http://www.fedoralegacy.org

    ---------------------------------------------------------------------

    
    

    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/



  • Next message: John Travolta: "Re: [Full-disclosure] [badroot security] Security Experts"

    Relevant Pages