[42484] in bugtraq
[USN-246-1] imagemagick vulnerabilities
daemon@ATHENA.MIT.EDU (Martin Pitt)
Sat Jan 28 17:40:35 2006
Date: Tue, 24 Jan 2006 17:26:52 +0100
From: Martin Pitt <martin.pitt@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Message-ID: <20060124162652.GK6265@piware.de>
===========================================================
Ubuntu Security Notice USN-246-1 January 24, 2006
imagemagick vulnerabilities
CVE-2005-4601, CVE-2006-0082, http://bugs.debian.org/345595
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
imagemagick
The problem can be corrected by upgrading the affected package to
version 5:6.0.2.5-1ubuntu1.6 (for Ubuntu 4.10), 6:6.0.6.2-2.1ubuntu1.2
(for Ubuntu 5.04), or 6:6.2.3.4-1ubuntu1.1 (for Ubuntu 5.10). In
general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Florian Weimer discovered that the delegate code did not correctly
handle file names which embed shell commands (CVE-2005-4601). Daniel
Kobras found a format string vulnerability in the SetImageInfo()
function (CVE-2006-0082). By tricking a user into processing an image
file with a specially crafted file name, these two vulnerabilities
could be exploited to execute arbitrary commands with the user's
privileges. These vulnerabilities become particularly critical if
malicious images are sent as email attachments and the email client
uses imagemagick to convert/display the images (e.g. Thunderbird and
Gnus).
In addition, Eero Häkkinen reported a bug in the command line argument
processing of the 'display' command. Arguments that contained
wildcards and were expanded to several files could trigger a heap
overflow. However, there is no known possibility to exploit this
remotely. (http://bugs.debian.org/345595)
Updated packages for Ubuntu 4.10:
Updated packages for Ubuntu 5.04:
Updated packages for Ubuntu 5.10:
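Both CVE-2005-4601 and CVE-2006-0082 described in the details above are reached through a file name chosen by whoever sent the image. As an added example (not part of the advisory and not ImageMagick code), a mail client can store each attachment under a generated name before any converter sees it; the function names, the risky-character set and the extension allow-list are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Characters a shell or a printf-style formatter would interpret (assumed set). */
static const char RISKY[] = "`$|;&<>()'\"\\%*?[]{}!~ ";

/* Return 1 if a sender-supplied name must not be passed on unchanged. */
int name_is_risky(const char *name)
{
    if (name[0] == '\0' || name[0] == '-')      /* empty, or read as an option */
        return 1;
    for (const unsigned char *p = (const unsigned char *)name; *p; p++)
        if (*p < 0x20 || *p == 0x7f || strchr(RISKY, *p))
            return 1;
    return 0;
}

/* Image extensions the client keeps (assumed allow-list). */
static const char *const ALLOWED_EXT[] = { "png", "jpg", "jpeg", "gif", "bmp", "tiff" };

/* Write "attachment-<seq>.<ext>" to out. Only an allow-listed, lower-cased
 * extension survives from the original name. Returns 0 on success, -1 if the
 * type is unknown or out is too small. */
int neutral_name(const char *orig, unsigned seq, char *out, size_t outlen)
{
    const char *dot = strrchr(orig, '.');
    char ext[8] = "";
    if (dot && strlen(dot + 1) < sizeof ext)
        for (size_t i = 0; dot[1 + i]; i++)
            ext[i] = (char)tolower((unsigned char)dot[1 + i]);
    for (size_t i = 0; i < sizeof ALLOWED_EXT / sizeof ALLOWED_EXT[0]; i++)
        if (strcmp(ext, ALLOWED_EXT[i]) == 0) {
            int n = snprintf(out, outlen, "attachment-%u.%s", seq, ext);
            return (n > 0 && (size_t)n < outlen) ? 0 : -1;
        }
    return -1;
}

int main(void)
{
    /* Constructed sample names, not taken from the advisory. */
    const char *samples[] = { "holiday.PNG", "a;b.png", "50%off.gif", "-verbose.jpg" };
    char buf[32];
    for (unsigned i = 0; i < 4; i++)
        printf("%-13s risky=%d -> %s\n", samples[i], name_is_risky(samples[i]),
               neutral_name(samples[i], i, buf, sizeof buf) == 0 ? buf : "(rejected)");
    return 0;
}
```

Renaming unconditionally, rather than only when `name_is_risky()` fires, means the original name never has to be judged safe; the check is useful for logging which attachments carried such names.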