176925 – CVE-2006-0082 ImageMagick format string vulnerability.

Bug 176925 - CVE-2006-0082 ImageMagick format string vulnerability.

Summary: CVE-2006-0082 ImageMagick format string vulnerability.

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	ImageMagick
Sub Component:
Version:	4.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Matthias Clasen
QA Contact:	Mike McLean
Docs Contact:
URL:
Whiteboard:	reported=20060104,public=20060104,sou...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-01-04 14:14 UTC by Josh Bressers
Modified:	2007-11-30 22:07 UTC (History)
CC List:	0 users
Fixed In Version:	RHSA-2006-0178
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-02-14 16:08:09 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
patch for 6.2.5 (Rawhide) (1.52 KB, patch) 2006-01-04 17:05 UTC, Matthias Clasen	no flags	Details \| Diff
patch for 6.0.7 (RHEL 4) (846 bytes, patch) 2006-01-04 18:52 UTC, Matthias Clasen	no flags	Details \| Diff
patch for 5.5.6 (RHEL 3) (802 bytes, patch) 2006-01-04 18:54 UTC, Matthias Clasen	no flags	Details \| Diff
patch for 5.3.8 (RHEL 2.1) (800 bytes, patch) 2006-01-04 18:55 UTC, Matthias Clasen	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2006:0178	0	normal	SHIPPED_LIVE	Moderate: ImageMagick security update	2006-02-14 05:00:00 UTC

Description Josh Bressers 2006-01-04 14:14:11 UTC

ImageMagick format string vulnerability.

The fix for CVE-2005-0397 is incomplete.  As the Debian bug suggests,
by running a command such as:

convert file.jpg file%d%n.jpg

A segfault will result in ImageMagick.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876


This issue also affects RHEL3
This issue also affects RHEL2.1

Comment 1 Matthias Clasen 2006-01-04 17:04:07 UTC

The fix in the debian bug is incomplete, the same code is repeated in blob.c

Comment 2 Matthias Clasen 2006-01-04 17:05:34 UTC

Created attachment 122767 [details]
patch for 6.2.5 (Rawhide)

Comment 3 Matthias Clasen 2006-01-04 18:52:42 UTC

Created attachment 122771 [details]
patch for 6.0.7 (RHEL 4)

Comment 4 Matthias Clasen 2006-01-04 18:54:29 UTC

Created attachment 122772 [details]
patch for 5.5.6 (RHEL 3)

Comment 5 Matthias Clasen 2006-01-04 18:55:30 UTC

Created attachment 122773 [details]
patch for 5.3.8 (RHEL 2.1)

Comment 6 Matthias Clasen 2006-01-06 18:51:01 UTC

The fixes are contained in 
ImageMagick-6.0.7.1-14 (RHEL4)
ImageMagick-5.5.6-17 (RHEL 3)
ImageMagick-5.3.8-14 (RHEL 2.1)

Comment 9 Red Hat Bugzilla 2006-02-14 16:08:09 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0178.html

Note You need to log in before you can comment on or make changes to this bug.