Paketname
imagemagick
Datum
2009-12-05
Advisory ID
MDVSA-2009:260-1
Betroffene Versionen
2008.0 i586 , 2008.0 x86_64

Problembeschreibung

A vulnerability has been found and corrected in ImageMagick,
which could lead to integer overflow in the XMakeImage function in
magick/xwindow.c, allowing remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a crafted
TIFF file, which triggers a buffer overflow (CVE-2009-1882).

This update fixes this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

Aktualisierte Pakete

2008.0 i586

 a518c3799c49cd407ca123eedd27631c  2008.0/i586/imagemagick-6.3.2.9-10.3mdv2008.0.i586.rpm
 72f4b32919fa8420cca925510fca21c8  2008.0/i586/imagemagick-desktop-6.3.2.9-10.3mdv2008.0.i586.rpm
 b0e5e58e38f7acd560aeb5bd53d065ed  2008.0/i586/imagemagick-doc-6.3.2.9-10.3mdv2008.0.i586.rpm
 ef3b5f6c1800fd10fbf7a437774d986c  2008.0/i586/libmagick10.7.0-6.3.2.9-10.3mdv2008.0.i586.rpm
 a3549fa4fa21089ff6b43e102932949e  2008.0/i586/libmagick10.7.0-devel-6.3.2.9-10.3mdv2008.0.i586.rpm
 5dde39fb31d70d8b20ce9b17e4baf457  2008.0/i586/perl-Image-Magick-6.3.2.9-10.3mdv2008.0.i586.rpm 
 4dd3532a6395bfbf5faa1e99207e016f  2008.0/SRPMS/imagemagick-6.3.2.9-10.3mdv2008.0.src.rpm

2008.0 x86_64

 eac3f25719308817fae16f61b884fdd1  2008.0/x86_64/imagemagick-6.3.2.9-10.3mdv2008.0.x86_64.rpm
 64b28aeaff64cdf08995bdc48b8af531  2008.0/x86_64/imagemagick-desktop-6.3.2.9-10.3mdv2008.0.x86_64.rpm
 0fb0ab2f564fca7d63030c42e73757c3  2008.0/x86_64/imagemagick-doc-6.3.2.9-10.3mdv2008.0.x86_64.rpm
 51735dba9c7ffb6cbfb4b32fc4bcd02b  2008.0/x86_64/lib64magick10.7.0-6.3.2.9-10.3mdv2008.0.x86_64.rpm
 ae9e8d6f4dc0422a86314ed0ba07d05e  2008.0/x86_64/lib64magick10.7.0-devel-6.3.2.9-10.3mdv2008.0.x86_64.rpm
 96ca02b20d2340f94cd1a23a08d905af  2008.0/x86_64/perl-Image-Magick-6.3.2.9-10.3mdv2008.0.x86_64.rpm 
 4dd3532a6395bfbf5faa1e99207e016f  2008.0/SRPMS/imagemagick-6.3.2.9-10.3mdv2008.0.src.rpm

Referenzen