On Wed, 1 Feb 2006, Jesse Keating wrote:

> -------- Forwarded Message --------
> From: Stefan Neufeind, PEAR <pear.neufeind@xxxxxxxxxxxxxxx>
> To: secnotice@xxxxxxxxxxxxxxxx
> Subject: ImageMagick in FC3
> Date: Wed, 01 Feb 2006 17:49:18 +0100
>
> Hi,
>
> would it be possible that somebody takes care of an ImageMagick-update?
> Afaik the vuln also relates to FC3. However the bug in bugzilla of
> redhat still remained untouched ("new"), since FC3 is now in legacy.
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176926
>
> Some short feedback would be really, really nice! Thank you,
>
>  Stefan

This issue has been transferred from Fedora Core to Fedora Legacy in
Bugzilla. The issue is entitled "CVE-2006-0082 ImageMagick format
string vulnerability." See below for more.

	-David

---------- Forwarded message ----------
From: bugzilla@xxxxxxxxxx
To: bugs@xxxxxxxxxxxxxxxx
Date: Thu, 2 Feb 2006 04:41:01 -0500
Subject: [Bug 176926] CVE-2006-0082 ImageMagick format string vulnerability.

<snip>

Summary: CVE-2006-0082 ImageMagick format string vulnerability.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176926

deisenst@xxxxxxx changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Product|Fedora Core                 |Fedora Legacy
  Status Whiteboard|reported=20060104,public=200|impact=moderate, LEGACY,
                   |60104,source=debian,impact=m|rh73, rh90, 1, 2, 3,
                   |oderate                     |NEEDSWORK
          Component|ImageMagick                 |ImageMagick
         AssignedTo|mclasen@xxxxxxxxxx          |bugs@xxxxxxxxxxxxxxxx
                 CC|                            |bugzilla.redhat@xxxxxxxxxxxx
                   |                            |, deisenst@xxxxxxx

------- Additional Comments From deisenst@xxxxxxx  2006-02-02 04:40 EST -------
Changing this bug over to the Fedora Legacy product. Thanks for the heads up,
Stefan!

CVE-2005-0397 stated:
  "Format string vulnerability in the SetImageInfo function in image.c for
   ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial
   of service (application crash) and possibly execute arbitrary code via
   format string specifiers in a filename argument to convert, which may be
   called by other web applications."

This issue was fixed in FLSA:152777 <http://tinyurl.com/det69> for RHL 7.3,
RHL 9, FC1. The issue was fixed in FC2's ImageMagick by Matthias Clasen's
upgrading it to version 6.2.0.7.

CVE-2006-0082:
  "Format string vulnerability in the SetImageInfo function in image.c for
   ImageMagick 6.2.3, and other versions, allows user-complicit attackers
   to cause a denial of service (crash) and possibly execute arbitrary code
   via a numeric format string specifier such as %d in the file name, a
   variant of CVE-2005-0397, and as demonstrated using the convert program."

This issue should affect these versions of ImageMagick which Fedora Legacy
maintains:
   * RHL7.3 - ImageMagick-5.4.3.11-12.7.x.legacy
   * RHL 9  - ImageMagick-5.4.7-18.legacy
   * FC 1   - ImageMagick-5.5.6-13.legacy
   * FC 2   - ImageMagick-6.2.0.7-2.fc2.4.legacy
   * FC 3   - ImageMagick-6.2.0.7-2.fc3

--
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list
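Added example, not part of the original thread and not ImageMagick's code: a hardened way to expand a scene number into a file name, illustrating the class of bug both CVE texts describe. It assumes the file name is meant to serve as a template for one integer; the function name expand_scene_name and the sample names are hypothetical. The user-supplied name is never passed to printf as a format; only "%%" and a single "%[0][width]d" are accepted.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy `name` into `out`, replacing one "%[0][width]d"
 * with `scene` and "%%" with '%'. Any other conversion (%s, %n, %x, a second
 * %d, a trailing '%') is rejected. Returns 0 on success, -1 on rejection or
 * if the result does not fit in `size` bytes. */
int expand_scene_name(char *out, size_t size, const char *name, int scene)
{
    size_t len = 0;
    int conversions = 0;

    if (size == 0)
        return -1;
    for (const char *p = name; *p != '\0'; p++) {
        if (*p != '%' || *++p == '%') {        /* ordinary byte or "%%" */
            if (len + 1 >= size)
                return -1;
            out[len++] = *p;
            continue;
        }
        int zero = (*p == '0');                /* optional zero-pad flag */
        int width = 0, digits = 0;
        if (zero)
            p++;
        while (isdigit((unsigned char)*p) && digits++ < 3)
            width = width * 10 + (*p++ - '0'); /* width capped at 999 */
        if (*p != 'd' || ++conversions > 1)
            return -1;
        /* The format below is a literal; only width and value vary. */
        int n = snprintf(out + len, size - len, zero ? "%0*d" : "%*d", width, scene);
        if (n < 0 || (size_t)n >= size - len)
            return -1;
        len += (size_t)n;
    }
    out[len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample names; the last three must be rejected. */
    const char *names[] = { "frame%03d.png", "50%%.png", "x%s.png", "a%d%d.png", "log%n" };
    char buf[64];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int rc = expand_scene_name(buf, sizeof buf, names[i], 7);
        printf("%-14s -> %s\n", names[i], rc == 0 ? buf : "(rejected)");
    }
    return 0;
}
```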