[Fwd: ImageMagick in FC3]

David Eisenstein deisenst at gtw.net
Fri Feb 3 01:14:16 UTC 2006 

On Wed, 1 Feb 2006, Jesse Keating wrote:

> -------- Forwarded Message --------
> From: Stefan Neufeind, PEAR <pear.neufeind at speedpartner.de>
> To: secnotice at fedoralegacy.org
> Subject: ImageMagick in FC3
> Date: Wed, 01 Feb 2006 17:49:18 +0100
> 
> Hi,
> 
> would it be possible that somebody takes care of an ImageMagick-update? 
> Afaik the vuln also relates to FC3. However the bug in bugzilla of 
> redhat still remained untouched ("new"), since FC3 is now in legacy.
> 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176926
> 
> Some short feedback would be really, really nice! Thank you,
> 
>    Stefan

This issue has been transferred from Fedora Core to Fedora Legacy in
Bugzilla.  The issues is entitlted "CVE-2006-0082 ImageMagick format
string vulnerability."  See below for more.		-David

---------- Forwarded message ----------
From: bugzilla at redhat.com
To: bugs at fedoralegacy.org
Date: Thu, 2 Feb 2006 04:41:01 -0500
Subject: [Bug 176926] CVE-2006-0082 ImageMagick format string vulnerability.

<snip>
Summary: CVE-2006-0082 ImageMagick format string vulnerability.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176926

deisenst at gtw.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Product|Fedora Core                 |Fedora Legacy
  Status Whiteboard|reported=20060104,public=200|impact=moderate, LEGACY,
                   |60104,source=debian,impact=m|rh73, rh90, 1, 2, 3,
                   |oderate                     |NEEDSWORK
          Component|ImageMagick                 |ImageMagick
         AssignedTo|mclasen at redhat.com          |bugs at fedoralegacy.org
                 CC|                            |bugzilla.redhat at neufeind.net
                   |                            |, deisenst at gtw.net


------- Additional Comments From deisenst at gtw.net  2006-02-02 04:40 EST -------
Changing this bug over to the Fedora Legacy product.

Thanks for the heads up, Stefan!

CVE-2005-0397 stated:  "Format string vulnerability in the SetImageInfo
function in image.c for ImageMagick before 6.0.2.5 may allow remote
attackers to cause a denial of service (application crash) and possibly
execute arbitrary code via format string specifiers in a filename argument
to convert, which may be called by other web applications."  

This issue was fixed in FLSA:152777 <http://tinyurl.com/det69> for RHL
7.3, RHL 9, FC1.  The issue was fixed in FC2's ImageMagick by Matthias
Clasen's upgrading it to version 6.2.0.7.

CVE-2006-0082:  "Format string vulnerability in the SetImageInfo function
in image.c for ImageMagick 6.2.3, and other versions, allows user-
complicit attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a numeric format string specifier such as %d in
the file name, a variant of CVE-2005-0397, and as demonstrated using the
convert program."

This issue should affect these versions of ImageMagick which Fedora Legacy
maintains:
   * RHL7.3 - ImageMagick-5.4.3.11-12.7.x.legacy
   * RHL 9  - ImageMagick-5.4.7-18.legacy
   * FC 1   - ImageMagick-5.5.6-13.legacy
   * FC 2   - ImageMagick-6.2.0.7-2.fc2.4.legacy
   * FC 3   - ImageMagick-6.2.0.7-2.fc3

More information about the fedora-legacy-list mailing list