ImageMagick security update
| Advisory: | RHSA-2004:480-05 |
|---|---|
| Type: | Security Advisory |
| Severity: | Important |
| Issued on: | 2004-10-20 |
| Last updated on: | 2004-10-20 |
| Affected Products: | Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3) |
| CVEs (cve.mitre.org): |
CVE-2004-0827 |
Details
Updated ImageMagick packages that fix a BMP loader vulnerability are now
available.
ImageMagick(TM) is an image display and manipulation tool for the X Window
System.
A heap overflow flaw has been discovered in the ImageMagick image handler.
An attacker could create a carefully crafted BMP file in such a way that it
could cause ImageMagick to execute arbitrary code when processing the
image. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0827 to this issue.
Users of ImageMagick should upgrade to this updated package, which contains
a backported patch, and is not vulnerable to this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
Updated packages
| Red Hat Desktop (v. 3) | |
| SRPMS: | |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| IA-32: | |
| ImageMagick-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 10ce65b271a96aa9936dde261101950f |
| ImageMagick-c++-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 77116e9d76af4794f483762d9f20e4ea |
| ImageMagick-c++-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 57ec4d864f39319124aec5f5e4b43280 |
| ImageMagick-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: ae1f3e70590fffb590956d8fdce9bfcc |
| ImageMagick-perl-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 9d5f480fdd133748dcddc33a763d490f |
| x86_64: | |
| ImageMagick-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: ac2398a57cf51e8a69dd8c5390f59ff9 |
| ImageMagick-c++-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 16d4ae779d2ef69aea9d863725022a21 |
| ImageMagick-c++-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 30c42ec86f195228c268c24001f45c9a |
| ImageMagick-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: b1f941d2a971a417d858ff32f188bf6c |
| ImageMagick-perl-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 4dea1aa57f513c5e84c3900d455a4637 |
| Red Hat Enterprise Linux AS (v. 3) | |
| SRPMS: | |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| IA-32: | |
| ImageMagick-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 10ce65b271a96aa9936dde261101950f |
| ImageMagick-c++-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 77116e9d76af4794f483762d9f20e4ea |
| ImageMagick-c++-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 57ec4d864f39319124aec5f5e4b43280 |
| ImageMagick-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: ae1f3e70590fffb590956d8fdce9bfcc |
| ImageMagick-perl-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 9d5f480fdd133748dcddc33a763d490f |
| IA-64: | |
| ImageMagick-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: e20e8750e25c70bbb816e927f630c267 |
| ImageMagick-c++-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: 3116fc8ca9bd813065000825ab3a1bad |
| ImageMagick-c++-devel-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: b5dc78df650c171dea8e962c79b1efe0 |
| ImageMagick-devel-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: f65e3ce07d6b67d238f5a85ab020885f |
| ImageMagick-perl-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: 09f10be40bd9a88f7e0ff6d59e34e70f |
| PPC: | |
| ImageMagick-5.5.6-6.ppc.rpm File outdated by: RHSA-2008:0145 |
MD5: 46f51cb3c082370bd2f1b9af9415ad7a |
| ImageMagick-c++-5.5.6-6.ppc.rpm File outdated by: RHSA-2008:0145 |
MD5: 03f63acc78df42657e6891077d3467f1 |
| ImageMagick-c++-devel-5.5.6-6.ppc.rpm File outdated by: RHSA-2008:0145 |
MD5: 09fe58f083ffa8e2941202821c0534b5 |
| ImageMagick-devel-5.5.6-6.ppc.rpm File outdated by: RHSA-2008:0145 |
MD5: 33df253831ce0cd8708afc20f589abbd |
| ImageMagick-perl-5.5.6-6.ppc.rpm File outdated by: RHSA-2008:0145 |
MD5: 61477cb1d82fd9079254b995aca7e678 |
| s390: | |
| ImageMagick-5.5.6-6.s390.rpm File outdated by: RHSA-2008:0145 |
MD5: 757608ce8939fe166074c93913c7b8a2 |
| ImageMagick-c++-5.5.6-6.s390.rpm File outdated by: RHSA-2008:0145 |
MD5: af8965782a23f7d484df3293eb214c0d |
| ImageMagick-c++-devel-5.5.6-6.s390.rpm File outdated by: RHSA-2008:0145 |
MD5: 00c94923b096cf548592ed6f6f16f745 |
| ImageMagick-devel-5.5.6-6.s390.rpm File outdated by: RHSA-2008:0145 |
MD5: c07a76f6457cb277518c17c64d074321 |
| ImageMagick-perl-5.5.6-6.s390.rpm File outdated by: RHSA-2008:0145 |
MD5: 9faafb72664e87bb2f191fc60fad75b5 |
| s390x: | |
| ImageMagick-5.5.6-6.s390x.rpm File outdated by: RHSA-2008:0145 |
MD5: 55a76a77830de834060f039cc176e4cd |
| ImageMagick-c++-5.5.6-6.s390x.rpm File outdated by: RHSA-2008:0145 |
MD5: 8ccdb45d34ff40712ab9f6d0a19fbe86 |
| ImageMagick-c++-devel-5.5.6-6.s390x.rpm File outdated by: RHSA-2008:0145 |
MD5: e7eb1807788551defe5f50df2763fce1 |
| ImageMagick-devel-5.5.6-6.s390x.rpm File outdated by: RHSA-2008:0145 |
MD5: c74e048ac339446226b5f7c6d76b97f5 |
| ImageMagick-perl-5.5.6-6.s390x.rpm File outdated by: RHSA-2008:0145 |
MD5: e05b50851348d5c370901e7d2f3d16e4 |
| x86_64: | |
| ImageMagick-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: ac2398a57cf51e8a69dd8c5390f59ff9 |
| ImageMagick-c++-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 16d4ae779d2ef69aea9d863725022a21 |
| ImageMagick-c++-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 30c42ec86f195228c268c24001f45c9a |
| ImageMagick-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: b1f941d2a971a417d858ff32f188bf6c |
| ImageMagick-perl-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 4dea1aa57f513c5e84c3900d455a4637 |
| Red Hat Enterprise Linux ES (v. 3) | |
| SRPMS: | |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| IA-32: | |
| ImageMagick-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 10ce65b271a96aa9936dde261101950f |
| ImageMagick-c++-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 77116e9d76af4794f483762d9f20e4ea |
| ImageMagick-c++-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 57ec4d864f39319124aec5f5e4b43280 |
| ImageMagick-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: ae1f3e70590fffb590956d8fdce9bfcc |
| ImageMagick-perl-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 9d5f480fdd133748dcddc33a763d490f |
| IA-64: | |
| ImageMagick-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: e20e8750e25c70bbb816e927f630c267 |
| ImageMagick-c++-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: 3116fc8ca9bd813065000825ab3a1bad |
| ImageMagick-c++-devel-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: b5dc78df650c171dea8e962c79b1efe0 |
| ImageMagick-devel-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: f65e3ce07d6b67d238f5a85ab020885f |
| ImageMagick-perl-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: 09f10be40bd9a88f7e0ff6d59e34e70f |
| x86_64: | |
| ImageMagick-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: ac2398a57cf51e8a69dd8c5390f59ff9 |
| ImageMagick-c++-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 16d4ae779d2ef69aea9d863725022a21 |
| ImageMagick-c++-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 30c42ec86f195228c268c24001f45c9a |
| ImageMagick-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: b1f941d2a971a417d858ff32f188bf6c |
| ImageMagick-perl-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 4dea1aa57f513c5e84c3900d455a4637 |
| Red Hat Enterprise Linux WS (v. 3) | |
| SRPMS: | |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| ImageMagick-5.5.6-6.src.rpm File outdated by: RHSA-2008:0145 |
MD5: 045e0e91f0ed8f8dec140bf3747b4077 |
| IA-32: | |
| ImageMagick-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 10ce65b271a96aa9936dde261101950f |
| ImageMagick-c++-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 77116e9d76af4794f483762d9f20e4ea |
| ImageMagick-c++-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 57ec4d864f39319124aec5f5e4b43280 |
| ImageMagick-devel-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: ae1f3e70590fffb590956d8fdce9bfcc |
| ImageMagick-perl-5.5.6-6.i386.rpm File outdated by: RHSA-2008:0145 |
MD5: 9d5f480fdd133748dcddc33a763d490f |
| IA-64: | |
| ImageMagick-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: e20e8750e25c70bbb816e927f630c267 |
| ImageMagick-c++-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: 3116fc8ca9bd813065000825ab3a1bad |
| ImageMagick-c++-devel-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: b5dc78df650c171dea8e962c79b1efe0 |
| ImageMagick-devel-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: f65e3ce07d6b67d238f5a85ab020885f |
| ImageMagick-perl-5.5.6-6.ia64.rpm File outdated by: RHSA-2008:0145 |
MD5: 09f10be40bd9a88f7e0ff6d59e34e70f |
| x86_64: | |
| ImageMagick-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: ac2398a57cf51e8a69dd8c5390f59ff9 |
| ImageMagick-c++-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 16d4ae779d2ef69aea9d863725022a21 |
| ImageMagick-c++-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 30c42ec86f195228c268c24001f45c9a |
| ImageMagick-devel-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: b1f941d2a971a417d858ff32f188bf6c |
| ImageMagick-perl-5.5.6-6.x86_64.rpm File outdated by: RHSA-2008:0145 |
MD5: 4dea1aa57f513c5e84c3900d455a4637 |
Bugs fixed (see bugzilla for more information)
130807 - CAN-2004-0827 heap overflow in BMP decoder
References
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
