Advisories

Mandriva Advisories

Package name ImageMagick Date July 31st, 2006 Advisory ID MDKA-2006:031 Affected versions CS3.0 Synopsis Updated ImageMagick packages fix infinite loop issue

Problem Description

ImageMagick-5.5.7, in the ReadTIFFImage function, was found to be
susceptible to a condition that consumes 100% of the system cpu
if attempting to view a carefully crafted tif image using the
"display" or "identify" programs. This has already been addressed in
newer versions of ImageMagick and only effects the Corp3 products.

The updated packages have been patched to correct these issues.

Updated Packages

Corporate Server 3.0

 fd80fcd87b2b523efc8d9521b24feba2  corporate/3.0/RPMS/ImageMagick-5.5.7.15-6.6.C30mdk.i586.rpm
 78c17a0ffa5ccc30c4068efdfe736fc3  corporate/3.0/RPMS/ImageMagick-doc-5.5.7.15-6.6.C30mdk.i586.rpm
 371bdacaa57d02b7edb66a91fa70b632  corporate/3.0/RPMS/libMagick5.5.7-5.5.7.15-6.6.C30mdk.i586.rpm
 7e7c036756f56fc72602fb2812e9a2d1  corporate/3.0/RPMS/libMagick5.5.7-devel-5.5.7.15-6.6.C30mdk.i586.rpm
 ddee1bb640da67fa72cff2e92ebd4982  corporate/3.0/RPMS/perl-Magick-5.5.7.15-6.6.C30mdk.i586.rpm
 9cfbc88ac9d2fef00705d23e306393f5  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.6.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 27403874eba816c11b66e22434e88d80  x86_64/corporate/3.0/RPMS/ImageMagick-5.5.7.15-6.6.C30mdk.x86_64.rpm
 ea4dd6ab6e7d1441abdeb8d2090f9396  x86_64/corporate/3.0/RPMS/ImageMagick-doc-5.5.7.15-6.6.C30mdk.x86_64.rpm
 133cbbf96320273fe98d24e250577358  x86_64/corporate/3.0/RPMS/lib64Magick5.5.7-5.5.7.15-6.6.C30mdk.x86_64.rpm
 985816a4a57ff1eada9d9174c5746674  x86_64/corporate/3.0/RPMS/lib64Magick5.5.7-devel-5.5.7.15-6.6.C30mdk.x86_64.rpm
 4aba40f647d437541903485b48dbb92d  x86_64/corporate/3.0/RPMS/perl-Magick-5.5.7.15-6.6.C30mdk.x86_64.rpm
 9cfbc88ac9d2fef00705d23e306393f5  x86_64/corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.6.C30mdk.src.rpm

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm
                

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.