lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
From: security at linux-mandrake.com (Mandrake Linux Security Team)
Subject: MDKSA-2004:143 - Updated ImageMagick packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           ImageMagick
 Advisory ID:            MDKSA-2004:143
 Date:                   December 6th, 2004

 Affected versions:	 10.0, 10.1, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A vulnerability was discovered in ImageMagick where, due to a boundary
 error within the EXIF parsing routine, a specially crafted graphic
 image could potentially lead to the execution of arbitrary code.
 
 The updated packages have been patched to prevent this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 fe92759494d57d9e1482c433c54ff869  10.0/RPMS/ImageMagick-5.5.7.15-6.2.100mdk.i586.rpm
 82051cb81cfffc7b8279e1742c3880ce  10.0/RPMS/ImageMagick-doc-5.5.7.15-6.2.100mdk.i586.rpm
 39e259e655fff8913df660306935125c  10.0/RPMS/libMagick5.5.7-5.5.7.15-6.2.100mdk.i586.rpm
 7e410a3e45e5cdc1eb057c8fd3adfe22  10.0/RPMS/libMagick5.5.7-devel-5.5.7.15-6.2.100mdk.i586.rpm
 692f423d2600551d7cd84fe62e24d500  10.0/RPMS/perl-Magick-5.5.7.15-6.2.100mdk.i586.rpm
 b37e69f00c2da1981d41e1bc54af9878  10.0/SRPMS/ImageMagick-5.5.7.15-6.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 6f18d320751f01ca8e9688d3cf8cccd1  amd64/10.0/RPMS/ImageMagick-5.5.7.15-6.2.100mdk.amd64.rpm
 d7d239cd8efa17b5e21107b0b92cf9f3  amd64/10.0/RPMS/ImageMagick-doc-5.5.7.15-6.2.100mdk.amd64.rpm
 ee5bb6ae21ce8eecf2442da8ea32ffac  amd64/10.0/RPMS/lib64Magick5.5.7-5.5.7.15-6.2.100mdk.amd64.rpm
 894a86a229adc51026c349ff54ded4da  amd64/10.0/RPMS/lib64Magick5.5.7-devel-5.5.7.15-6.2.100mdk.amd64.rpm
 986347b3262f0dd694be0cb37cec486c  amd64/10.0/RPMS/perl-Magick-5.5.7.15-6.2.100mdk.amd64.rpm
 b37e69f00c2da1981d41e1bc54af9878  amd64/10.0/SRPMS/ImageMagick-5.5.7.15-6.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 4ccc141762e2d463fd1d6090d0a2479e  10.1/RPMS/ImageMagick-6.0.4.4-5.1.101mdk.i586.rpm
 41dac1ea340c626a2d4da2b744795d06  10.1/RPMS/ImageMagick-doc-6.0.4.4-5.1.101mdk.i586.rpm
 b2d6559795c8ea2f585728c9cbb90b89  10.1/RPMS/libMagick6.4.0-6.0.4.4-5.1.101mdk.i586.rpm
 f7d73070aa5df624aee251815dda2410  10.1/RPMS/libMagick6.4.0-devel-6.0.4.4-5.1.101mdk.i586.rpm
 f44f3ea752dd71f1bcb73de523ca81f5  10.1/RPMS/perl-Magick-6.0.4.4-5.1.101mdk.i586.rpm
 1936104c39b2dde2b3ae2090a17729d0  10.1/SRPMS/ImageMagick-6.0.4.4-5.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 ef8444748bc2d0e77b608a9b9e636529  x86_64/10.1/RPMS/ImageMagick-6.0.4.4-5.1.101mdk.x86_64.rpm
 a6f42198fa5be410d009591cd0078b09  x86_64/10.1/RPMS/ImageMagick-doc-6.0.4.4-5.1.101mdk.x86_64.rpm
 e67708b273f2efc51a5a590d8d455ac3  x86_64/10.1/RPMS/lib64Magick6.4.0-6.0.4.4-5.1.101mdk.x86_64.rpm
 631cadb3f879a7c6fc302ef423b60cbe  x86_64/10.1/RPMS/lib64Magick6.4.0-devel-6.0.4.4-5.1.101mdk.x86_64.rpm
 a3a7c6ca5b75c9517083b0363c3ae899  x86_64/10.1/RPMS/perl-Magick-6.0.4.4-5.1.101mdk.x86_64.rpm
 1936104c39b2dde2b3ae2090a17729d0  x86_64/10.1/SRPMS/ImageMagick-6.0.4.4-5.1.101mdk.src.rpm

 Corporate Server 2.1:
 3c979ba44b8667a13273abaf1ef9fbc5  corporate/2.1/RPMS/ImageMagick-5.4.8.3-2.2.C21mdk.i586.rpm
 908645c9feb865bcd2346e85f2d3cccc  corporate/2.1/RPMS/libMagick5-5.4.8.3-2.2.C21mdk.i586.rpm
 6817b5c307373bb5bcfd8704038ab170  corporate/2.1/RPMS/libMagick5-devel-5.4.8.3-2.2.C21mdk.i586.rpm
 161aada567715e12e582bd20cd45d7c0  corporate/2.1/RPMS/perl-Magick-5.4.8.3-2.2.C21mdk.i586.rpm
 88e04a437b8c98bdf97c78af7c888524  corporate/2.1/SRPMS/ImageMagick-5.4.8.3-2.2.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 b483d3bde5a5abaf12f11b16350efc61  x86_64/corporate/2.1/RPMS/ImageMagick-5.4.8.3-2.2.C21mdk.x86_64.rpm
 507d84144336030bbcb5aa9520fec9d3  x86_64/corporate/2.1/RPMS/libMagick5-5.4.8.3-2.2.C21mdk.x86_64.rpm
 8e6350a79310b07245b30d4a485be26b  x86_64/corporate/2.1/RPMS/libMagick5-devel-5.4.8.3-2.2.C21mdk.x86_64.rpm
 f0707d9c21b117babf0cd4c1336057a9  x86_64/corporate/2.1/RPMS/perl-Magick-5.4.8.3-2.2.C21mdk.x86_64.rpm
 88e04a437b8c98bdf97c78af7c888524  x86_64/corporate/2.1/SRPMS/ImageMagick-5.4.8.3-2.2.C21mdk.src.rpm

 Mandrakelinux 9.2:
 7d8071b2ab19ba89fb8ddc8b2f857ee3  9.2/RPMS/ImageMagick-5.5.7.10-7.2.92mdk.i586.rpm
 67f7869416b518d4def7ae076ee06e39  9.2/RPMS/libMagick5.5.7-5.5.7.10-7.2.92mdk.i586.rpm
 13d01e0ea997978bda6bbc9e7223745e  9.2/RPMS/libMagick5.5.7-devel-5.5.7.10-7.2.92mdk.i586.rpm
 ceef914612ea8f8b6debe257319001cd  9.2/RPMS/perl-Magick-5.5.7.10-7.2.92mdk.i586.rpm
 f7b8e971d13a1b7332353d291b2f774c  9.2/SRPMS/ImageMagick-5.5.7.10-7.2.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 e4088933c94ed867ad9fc101944a8fa6  amd64/9.2/RPMS/ImageMagick-5.5.7.10-7.2.92mdk.amd64.rpm
 b5ecbbb86878b3d09daf617029a383bc  amd64/9.2/RPMS/lib64Magick5.5.7-5.5.7.10-7.2.92mdk.amd64.rpm
 ea7eb11d9bfa0ed0689316f0fa87171c  amd64/9.2/RPMS/lib64Magick5.5.7-devel-5.5.7.10-7.2.92mdk.amd64.rpm
 5931f9e045956d2d85a23083d20f27fd  amd64/9.2/RPMS/perl-Magick-5.5.7.10-7.2.92mdk.amd64.rpm
 f7b8e971d13a1b7332353d291b2f774c  amd64/9.2/SRPMS/ImageMagick-5.5.7.10-7.2.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBtRSWmqjQ0CJFipgRAvkvAKDKF8uifBWYCelxiceJovWsLxwPHgCeMn0x
Xh2cjwpkAAsqZhAnfzXjuX8=
=i9xH
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ