Bug 176925
Summary: | CVE-2006-0082 ImageMagick format string vulnerability. | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Josh Bressers <bressers> | ||||||||||
Component: | ImageMagick | Assignee: | Matthias Clasen <mclasen> | ||||||||||
Status: | CLOSED ERRATA | QA Contact: | Mike McLean <mikem> | ||||||||||
Severity: | medium | Docs Contact: | |||||||||||
Priority: | medium | ||||||||||||
Version: | 4.0 | Keywords: | Security | ||||||||||
Target Milestone: | --- | ||||||||||||
Target Release: | --- | ||||||||||||
Hardware: | All | ||||||||||||
OS: | Linux | ||||||||||||
Whiteboard: | reported=20060104,public=20060104,source=debian,impact=moderate | ||||||||||||
Fixed In Version: | RHSA-2006-0178 | Doc Type: | Bug Fix | ||||||||||
Doc Text: | Story Points: | --- | |||||||||||
Clone Of: | Environment: | ||||||||||||
Last Closed: | 2006-02-14 16:08:09 UTC | Type: | --- | ||||||||||
Regression: | --- | Mount Type: | --- | ||||||||||
Documentation: | --- | CRM: | |||||||||||
Verified Versions: | Category: | --- | |||||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||||
Embargoed: | |||||||||||||
Attachments: |
|
Description
Josh Bressers
2006-01-04 14:14:11 UTC
The fix in the debian bug is incomplete, the same code is repeated in blob.c Created attachment 122767 [details]
patch for 6.2.5 (Rawhide)
Created attachment 122771 [details]
patch for 6.0.7 (RHEL 4)
Created attachment 122772 [details]
patch for 5.5.6 (RHEL 3)
Created attachment 122773 [details]
patch for 5.3.8 (RHEL 2.1)
The fixes are contained in ImageMagick-6.0.7.1-14 (RHEL4) ImageMagick-5.5.6-17 (RHEL 3) ImageMagick-5.3.8-14 (RHEL 2.1) An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0178.html |