Bug 130807 - CAN-2004-0827 heap overflow in BMP decoder
CAN-2004-0827 heap overflow in BMP decoder
Status: CLOSED RAWHIDE
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ImageMagick (Show other bugs)
3.0
All Linux
medium Severity high
: ---
: ---
Assigned To: Jonathan Blandford
Mike McLean
impact=important,public=20041111
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-08-24 16:28 EDT by Josh Bressers
Modified: 2013-04-02 00:19 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-12-01 04:07:03 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
More comprehensive patch (2.82 KB, patch)
2004-11-16 02:45 EST, David Eisenstein
no flags Details | Diff

  None (edit)
Description Josh Bressers 2004-08-24 16:28:57 EDT
A heap overflow has been discovered in the ImageMagick BMP decoder. 
The demo BMP file is the same one which affected QT.


The demo image is attachment 102533 [details].

This issue also affects RHEL2.1

Fedora Core is being hadled by bug 130806
Comment 1 Josh Bressers 2004-08-24 16:30:13 EDT
The patch for this issue is attachment 103039 [details]
Comment 2 Jonathan Blandford 2004-09-14 17:59:46 EDT
I built these into errata-candidate.
Comment 3 Josh Bressers 2004-10-20 15:13:59 EDT
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-494.html
Comment 4 Josh Bressers 2004-10-20 15:34:09 EDT
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-480.html
Comment 5 David Eisenstein 2004-11-11 15:48:59 EST
FYI, as in 
   https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130806#c2 ,
you may wish to have a look at 
   https://bugzilla.fedora.us/show_bug.cgi?id=2052#c10

because the patch in comment #1 may not have caught all of
the vulnerabilities, if this was the only patch applied into
RHSA's 2004-494 and 2004-480.
      -David
Comment 6 Josh Bressers 2004-11-11 17:05:01 EST
Our fix was obviously incomplete, we'll want to fix the correctly.
Comment 7 David Eisenstein 2004-11-16 02:45:47 EST
Created attachment 106788 [details]
More comprehensive patch

FYI, here is a more comprehensive patch for this issue we've come up with over
on Fedora Legacy that we will soon be testing.	 -David
Comment 8 Mark J. Cox (Product Security) 2004-12-01 04:07:03 EST
ImageMagic-6.0.7 seems to include these updated fixes in the upstream
version, which is part of RHEL4-re1129.0 -> resolving.

Note You need to log in before you can comment on or make changes to this bug.