[USN-7-1] imagemagick vulnerability

From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 10/27/04

    Date: Wed, 27 Oct 2004 02:52:42 +0200
    To: ubuntu-security-announce@lists.ubuntu.com
    
    
    

    ===========================================================
    Ubuntu Security Notice USN-7-1 October 27, 2004
    imagemagick vulnerability
    CAN-2004-0981
    ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 4.10 (Warty Warthog)

    The following packages are affected:

    libmagick6

    The problem can be corrected by upgrading the affected package to
    version 5:6.0.2.5-1ubuntu1.1. In general, a standard system upgrade is
    sufficient to effect the necessary changes.

    Details follow:

    A buffer overflow in imagemagick's EXIF parsing routine has been
    discovered in imagemagick versions prior to 6.1.0. Trying to query
    EXIF information of a malicious image file might result in execution
    of arbitrary code with the user's privileges.

    Since imagemagick can be used in custom printing systems, this also
    might lead to privilege escalation (execute code with the printer
    spooler's privileges). However, Ubuntu's standard printing system does
    not use imagemagick, thus there is no risk of privilege escalation in
    a standard installation.

      Source archives:

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.1.diff.gz
          Size/MD5: 128252 ec2de08007787f6dceb8048fa381c269
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.1.dsc
          Size/MD5: 874 fbd1bde2b883b5e1f6d3c3608baf97f2
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5.orig.tar.gz
          Size/MD5: 6700454 207fdb75b6c106007cc483cf15e619ad

      amd64 architecture (Athlon64, Opteron, EM64T Xeon)

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.1_amd64.deb
          Size/MD5: 1365882 4a7e2a576a514058945e26a1fbfbaf61
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.2.5-1ubuntu1.1_amd64.deb
          Size/MD5: 226096 8a0cb4adfa863f7917494539793cad37
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.2.5-1ubuntu1.1_amd64.deb
          Size/MD5: 160490 58a31d1a58a09e11135d6864afe07dd6
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.2.5-1ubuntu1.1_amd64.deb
          Size/MD5: 1518994 1e261e47415a33e272c906c69b72be9f
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.1_amd64.deb
          Size/MD5: 1166704 334a3099dce3e9ca8aa5b450452339a9
        http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.2.5-1ubuntu1.1_amd64.deb
          Size/MD5: 138348 9e58147cb448c7cb74916f5ff5638c52

      i386 architecture (x86 compatible Intel/AMD)

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.1_i386.deb
          Size/MD5: 1365782 da2ebba8bac45b8fb83033aa7d530c57
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.2.5-1ubuntu1.1_i386.deb
          Size/MD5: 206254 9f762b26048e7ad4dc208834f6d77312
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.2.5-1ubuntu1.1_i386.deb
          Size/MD5: 162540 eb64e055ba51901960dde16af468bbdc
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.2.5-1ubuntu1.1_i386.deb
          Size/MD5: 1425038 e50228507fdfbefcd6176b756040bca4
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.1_i386.deb
          Size/MD5: 1115170 8af906dc32e2dee6a5c171dc0444557f
        http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.2.5-1ubuntu1.1_i386.deb
          Size/MD5: 136900 41773f2582175646942845dc28c44011

      powerpc architecture (Apple Macintosh G3/G4/G5)

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.1_powerpc.deb
          Size/MD5: 1371144 f0d39986f275d1119268da7affcc34e3
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.2.5-1ubuntu1.1_powerpc.deb
          Size/MD5: 224970 15be8f07f8a697d6665f27d504dba9f1
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.2.5-1ubuntu1.1_powerpc.deb
          Size/MD5: 154292 386fca02c1a14d5e5376c1dde3b3cdbb
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.2.5-1ubuntu1.1_powerpc.deb
          Size/MD5: 1659816 15078f23f6626d1ccb01ad6d2f6f58d6
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.1_powerpc.deb
          Size/MD5: 1151174 0d4aa571620cf6c27f6b5deaf392887c
        http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.2.5-1ubuntu1.1_powerpc.deb
          Size/MD5: 135840 4b5d9556339726e1cb277abd0c2692f6
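
A downloaded package can be checked against the Size/MD5 list above. The following is an added example, not part of the original notice or of any Ubuntu tooling: it parses the notice's "URL, then Size/MD5" layout and verifies a local file. The function names `parse_manifest` and `verify_file` are hypothetical, and `SAMPLE` holds two entries copied from the list above.

```python
import hashlib
import re
from pathlib import Path

# Matches the notice's two-line entries: a package URL, then "Size/MD5: <bytes> <hex>".
ENTRY_RE = re.compile(
    r"^\s*(?P<url>https?://\S+)\s*\n\s*Size/MD5:\s*(?P<size>\d+)\s+(?P<md5>[0-9a-fA-F]{32})\s*$",
    re.MULTILINE,
)

def parse_manifest(advisory_text):
    """Return {filename: (size, md5_hex)} for every URL + Size/MD5 pair."""
    manifest = {}
    for m in ENTRY_RE.finditer(advisory_text):
        name = m["url"].rsplit("/", 1)[-1]
        manifest[name] = (int(m["size"]), m["md5"].lower())
    return manifest

def verify_file(path, manifest, chunk=1 << 16):
    """Check a downloaded file against the manifest; returns (ok, reason)."""
    path = Path(path)
    if path.name not in manifest:
        return False, "not listed in advisory"
    want_size, want_md5 = manifest[path.name]
    # Cheap check first: a wrong size means a truncated or different file.
    if path.stat().st_size != want_size:
        return False, "size mismatch"
    digest = hashlib.md5()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    if digest.hexdigest() != want_md5:
        return False, "MD5 mismatch"
    return True, "ok"

# Two entries copied from the notice above, in its own layout.
SAMPLE = """
    http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.1.dsc
      Size/MD5: 874 fbd1bde2b883b5e1f6d3c3608baf97f2
    http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.1_i386.deb
      Size/MD5: 1115170 8af906dc32e2dee6a5c171dc0444557f
"""

if __name__ == "__main__":
    for name, (size, md5) in parse_manifest(SAMPLE).items():
        print(f"{name}: {size} bytes, md5 {md5}")
```

A match shows only that the file is the one this notice lists, so the check is as trustworthy as the copy of the notice it is run against. MD5 is not collision-resistant, so treat it as a corruption and mix-up check rather than proof of origin.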
