[RHSA-2008:0165-01] Moderate: ImageMagick security update

[news 28]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

=====================================================================

Red Hat Security Advisory

 

Synopsis: Moderate: ImageMagick security update

Advisory ID: RHSA-2008:0165-01

Product: Red Hat Enterprise Linux

Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0165.html

Issue date: 2008-04-16

Keywords: heap stack buffer integer overflow

CVE Names: CVE-2007-1797 CVE-2007-4985 CVE-2007-4986

CVE-2008-1097

=====================================================================

 

1. Summary:

 

Updated ImageMagick packages that correct several security issues are now

available for Red Hat Enterprise Linux version 2.1.

 

This update has been rated as having moderate security impact by the Red

Hat Security Response Team.

 

2. Relevant releases/architectures:

 

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64

Red Hat Linux Advanced Workstation 2.1 - ia64

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386

 

3. Description:

 

ImageMagick is an image display and manipulation tool for the X Window

System that can read and write multiple image formats.

 

Several heap-based buffer overflow flaws were found in ImageMagick. If a

victim opened a specially-crafted DCM or XWD file, an attacker could

potentially execute arbitrary code on the victim's machine. (CVE-2007-1797)

 

Several denial of service flaws were found in ImageMagick's parsing of XCF

and DCM files. Attempting to process a specially crafted input file in

these formats could cause ImageMagick to enter an infinite loop.

(CVE-2007-4985)

 

Several integer overflow flaws were found in ImageMagick. If a victim

opened a specially-crafted DCM, DIB, XBM, XCF or XWD file, an attacker

could potentially execute arbitrary code with the privileges of the user

running ImageMagick. (CVE-2007-4986)

 

A heap-based buffer overflow flaw was found in ImageMagick's processing of

certain malformed PCX images. If a victim opened a specially-crafted PCX

file, an attacker could possibly execute arbitrary code with the privileges

of the user running ImageMagick.. (CVE-2008-1097)

 

All users of ImageMagick should upgrade to these updated packages, which

contain backported patches to correct these issues.

 

4. Solution:

 

Before applying this update, make sure that all previously-released

errata relevant to your system have been applied.

 

This update is available via Red Hat Network. Details on how to use

the Red Hat Network to apply this update are available at

http://kbase.redhat.com/faq/FAQ_58_10188

 

5. Bugs fixed (http://bugzilla.redhat.com/):

 

235071 - CVE-2007-1797 Heap overflow in ImageMagick's DCM and XWD coders

285861 - CVE-2008-1097 Memory corruption in ImageMagick's PCX coder

310091 - CVE-2007-4985 Infinite loops in ImageMagick's XCF and DCM coders

310121 - CVE-2007-4986 Multiple integer overflows in ImageMagick

 

6. Package List:

 

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 :

 

Source:

ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ImageMagick-5.3.8-21.src.rpm

 

i386:

ImageMagick-5.3.8-21.i386.rpm

ImageMagick-c++-5.3.8-21.i386.rpm

ImageMagick-c++-devel-5.3.8-21.i386.rpm

ImageMagick-devel-5.3.8-21.i386.rpm

ImageMagick-perl-5.3.8-21.i386.rpm

 

ia64:

ImageMagick-5.3.8-21.ia64.rpm

ImageMagick-c++-5.3.8-21.ia64.rpm

ImageMagick-c++-devel-5.3.8-21.ia64.rpm

ImageMagick-devel-5.3.8-21.ia64.rpm

ImageMagick-perl-5.3.8-21.ia64.rpm

 

Red Hat Linux Advanced Workstation 2.1:

 

Source:

ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ImageMagick-5.3.8-21.src.rpm

 

ia64:

ImageMagick-5.3.8-21.ia64.rpm

ImageMagick-c++-5.3.8-21.ia64.rpm

ImageMagick-c++-devel-5.3.8-21.ia64.rpm

ImageMagick-devel-5.3.8-21.ia64.rpm

ImageMagick-perl-5.3.8-21.ia64.rpm

 

Red Hat Enterprise Linux ES version 2.1:

 

Source:

ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ImageMagick-5.3.8-21.src.rpm

 

i386:

ImageMagick-5.3.8-21.i386.rpm

ImageMagick-c++-5.3.8-21.i386.rpm

ImageMagick-c++-devel-5.3.8-21.i386.rpm

ImageMagick-devel-5.3.8-21.i386.rpm

ImageMagick-perl-5.3.8-21.i386.rpm

 

Red Hat Enterprise Linux WS version 2.1:

 

Source:

ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ImageMagick-5.3.8-21.src.rpm

 

i386:

ImageMagick-5.3.8-21.i386.rpm

ImageMagick-c++-5.3.8-21.i386.rpm

ImageMagick-c++-devel-5.3.8-21.i386.rpm

ImageMagick-devel-5.3.8-21.i386.rpm

ImageMagick-perl-5.3.8-21.i386.rpm

 

These packages are GPG signed by Red Hat for security. Our key and

details on how to verify the signature are available from

https://www.redhat.com/security/team/key/#package

 

7. References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097

http://www.redhat.com/security/updates/classification/#moderate

 

8. Contact:

 

The Red Hat security contact is . More contact

details at https://www.redhat.com/security/team/contact/

 

Copyright 2008 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.4 (GNU/Linux)

 

iD8DBQFIBqvJXlSAg2UNWIIRAkoHAKC1HZiQLqsXQet7yBIiEdcI+1IgmQCfXkX7

km6xcRXUuiZIUDvLFcP3BlM=

=zzG4

-----END PGP SIGNATURE-----

 

 

--