Advisories

Mandriva Advisories

Package name	ImageMagick
Date	December 1st, 2006
Advisory ID	MDKSA-2006:223
Affected versions	CS3.0, 2006.0, CS4.0
Synopsis	Updated ImageMagick packages fixes vulnerability

Problem Description

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2
before 6.2.4.5, has unknown impact and user-assisted attack vectors via
a crafted SGI image.

Updated packages have been patched to correct this issue.

Updated Packages

Corporate Server 3.0

 fc15d48d236f0d1f738c795190081ddd  corporate/3.0/i586/ImageMagick-5.5.7.15-6.9.C30mdk.i586.rpm
 3ba801afddeb42759aebd891971b5fce  corporate/3.0/i586/ImageMagick-doc-5.5.7.15-6.9.C30mdk.i586.rpm
 35c8a337172b91501486381be4e0aa7d  corporate/3.0/i586/libMagick5.5.7-5.5.7.15-6.9.C30mdk.i586.rpm
 3273f233005c79adf0602ade443de675  corporate/3.0/i586/libMagick5.5.7-devel-5.5.7.15-6.9.C30mdk.i586.rpm
 8dfce9d9e00005e990c1203c1144ac34  corporate/3.0/i586/perl-Magick-5.5.7.15-6.9.C30mdk.i586.rpm 
 3cf9bff07102ada97373a66c5f4c6e05  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.9.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 0f8193fed5ac7b344398b9e99fe5bccb  corporate/3.0/x86_64/ImageMagick-5.5.7.15-6.9.C30mdk.x86_64.rpm
 bdae28be1bcacf4f5bc6d9bdfa589cbd  corporate/3.0/x86_64/ImageMagick-doc-5.5.7.15-6.9.C30mdk.x86_64.rpm
 fa4a5fe3e447770c33ef0596da8570fb  corporate/3.0/x86_64/lib64Magick5.5.7-5.5.7.15-6.9.C30mdk.x86_64.rpm
 8af081adcd750d5edec44bf1e85e5c7d  corporate/3.0/x86_64/lib64Magick5.5.7-devel-5.5.7.15-6.9.C30mdk.x86_64.rpm
 e238642447217ade5a772c4b12b492b3  corporate/3.0/x86_64/perl-Magick-5.5.7.15-6.9.C30mdk.x86_64.rpm 
 3cf9bff07102ada97373a66c5f4c6e05  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.9.C30mdk.src.rpm

Mandriva Linux 2006

 df62dd8449b08426a4188d5959b3f823  2006.0/i586/ImageMagick-6.2.4.3-1.4.20060mdk.i586.rpm
 e87bbddff33171aae89d1d08400907a7  2006.0/i586/ImageMagick-doc-6.2.4.3-1.4.20060mdk.i586.rpm
 8755d8beabe9a85f3e7a07b73d071c59  2006.0/i586/libMagick8.4.2-6.2.4.3-1.4.20060mdk.i586.rpm
 2b6ae5e3b4c8e187e095442e7dcd5c24  2006.0/i586/libMagick8.4.2-devel-6.2.4.3-1.4.20060mdk.i586.rpm
 d7e61aa5943b52eb374b0a2e44232e93  2006.0/i586/perl-Image-Magick-6.2.4.3-1.4.20060mdk.i586.rpm 
 e5875ef8dd63237d5c7c74a441b123fc  2006.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mdk.src.rpm

Mandriva Linux 2006/X86_64

 973d1bb7026248e93c9f1a16eba0cfaf  2006.0/x86_64/ImageMagick-6.2.4.3-1.4.20060mdk.x86_64.rpm
 ca759633ecf8ef52b1c34f55d5a3af6d  2006.0/x86_64/ImageMagick-doc-6.2.4.3-1.4.20060mdk.x86_64.rpm
 f65de07d50364a3c861f50ce6f11fee4  2006.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.4.20060mdk.x86_64.rpm
 c9e86c379bdfeb36e25bfd34e094b921  2006.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.4.20060mdk.x86_64.rpm
 9d58fe1606d8f1f0f6a225df3ac58b48  2006.0/x86_64/perl-Image-Magick-6.2.4.3-1.4.20060mdk.x86_64.rpm 
 e5875ef8dd63237d5c7c74a441b123fc  2006.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mdk.src.rpm

Corporate Server 4.0

 dde2f028a95732f3d5fd5bfd48ede727  corporate/4.0/i586/ImageMagick-6.2.4.3-1.4.20060mlcs4.i586.rpm
 6affed772cabdc8e8eb6e6ed96efb178  corporate/4.0/i586/ImageMagick-doc-6.2.4.3-1.4.20060mlcs4.i586.rpm
 426d44c76834a660ea48c09719048de2  corporate/4.0/i586/libMagick8.4.2-6.2.4.3-1.4.20060mlcs4.i586.rpm
 4cc0f80f0bbfdbc1c26a497f14e2dd0d  corporate/4.0/i586/libMagick8.4.2-devel-6.2.4.3-1.4.20060mlcs4.i586.rpm
 9deab133788e00cf6487a057042c3ae0  corporate/4.0/i586/perl-Image-Magick-6.2.4.3-1.4.20060mlcs4.i586.rpm 
 0b75266159c73fcb8a0f7027d208bee2  corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mlcs4.src.rpm

Corporate Server 4.0/X86_64

 283a0751148b3468bd3e2281d819f08d  corporate/4.0/x86_64/ImageMagick-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 48ee2e7835b97a89e27342c3a27db913  corporate/4.0/x86_64/ImageMagick-doc-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 fad038ed56f886f4656302721a616578  corporate/4.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 17b7841d6459f0a52662f43d16f09771  corporate/4.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 dbcfd793204ead891cbf779c1075287e  corporate/4.0/x86_64/perl-Image-Magick-6.2.4.3-1.4.20060mlcs4.x86_64.rpm 
 0b75266159c73fcb8a0f7027d208bee2  corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mlcs4.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer