-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                   ESB-2005.0161 -- RHSA-2005:071-01
                   Moderate: ImageMagick security update
                             17 February 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                ImageMagick
Publisher:              Red Hat
Operating System:       Red Hat Enterprise Linux AS/ES/WS 4
                        Red Hat Desktop version 4
                        Linux variants
                        UNIX variants
Impact:                 Execute Arbitrary Code/Commands
Access:                 Remote/Unauthenticated
CVE Names:              CAN-2005-0005

Ref:                    ESB-2005.0048

Original Bulletin:      https://rhn.redhat.com/errata/RHSA-2005-071.html

Comment: This Red Hat advisory is for Enterprise Linux version 4 only. The
         same vulnerability may exist in other versions, and administrators
         are advised to check the vendor's web site for further details.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: ImageMagick security update
Advisory ID:       RHSA-2005:071-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-071.html
Issue date:        2005-02-15
Updated on:        2005-02-15
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-0005
- - ---------------------------------------------------------------------

1. Summary:

Updated ImageMagick packages that fix a security flaw are now available for
Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

ImageMagick is an image display and manipulation tool for the X Window
System.

Andrei Nigmatulin discovered a heap-based buffer overflow flaw in the
ImageMagick image handler. An attacker could create a carefully crafted
Photoshop Document (PSD) image in such a way that it would cause ImageMagick
to execute arbitrary code when processing the image. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0005 to this issue.

Users of ImageMagick should upgrade to these updated packages, which contain
a backported patch, and are not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

Use Red Hat Network to download and update your packages. To launch the Red
Hat Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the following
Web page for the System Administration or Customization guide specific to
your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

145123 - CAN-2005-0005 buffer overflow in ImageMagick

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ImageMagick-6.0.7.1-6.src.rpm
a5c8511327dc216e6543f2bcce9dbaef  ImageMagick-6.0.7.1-6.src.rpm

i386:
1145a7d29a8b8f444d94834b5e6c32af  ImageMagick-6.0.7.1-6.i386.rpm
7f77e9423e940706e843737c6caaf53f  ImageMagick-c++-6.0.7.1-6.i386.rpm
e1b8cf2f535ba390f07619327540cb84  ImageMagick-c++-devel-6.0.7.1-6.i386.rpm
7748f74dadba601fb43eb04b6bd5787a  ImageMagick-devel-6.0.7.1-6.i386.rpm
e907c9aaab08c87c815d289ae3e34d24  ImageMagick-perl-6.0.7.1-6.i386.rpm

ia64:
6389e67ad2ec903f8744355a026671c0  ImageMagick-6.0.7.1-6.ia64.rpm
0a5415a7dd437424be36edda7e59404f  ImageMagick-c++-6.0.7.1-6.ia64.rpm
7ccc183bce8e328c017a6acd15f85746  ImageMagick-c++-devel-6.0.7.1-6.ia64.rpm
0fbfca7d0531822f1b64fe28410b089a  ImageMagick-devel-6.0.7.1-6.ia64.rpm
975b389ef4c61819221a33b46d5798c5  ImageMagick-perl-6.0.7.1-6.ia64.rpm

ppc:
0005695a74c40faa555381d9294bbce8  ImageMagick-6.0.7.1-6.ppc.rpm
7e07a4f6de79a6185867b12b13263200  ImageMagick-c++-6.0.7.1-6.ppc.rpm
ab2dac355d35242988da6873de6422e2  ImageMagick-c++-devel-6.0.7.1-6.ppc.rpm
62a235627ca1eee014b69ee68ee6b93f  ImageMagick-devel-6.0.7.1-6.ppc.rpm
76d2a6e6ab17003535fa8019d3fbeab9  ImageMagick-perl-6.0.7.1-6.ppc.rpm

s390:
6d43807788a76a876b4abef3ff0ff1b0  ImageMagick-6.0.7.1-6.s390.rpm
321e1f007114e0bd581bd83b0eda7fe6  ImageMagick-c++-6.0.7.1-6.s390.rpm
3b0d090b96e796c6aff5507d13ed35ae  ImageMagick-c++-devel-6.0.7.1-6.s390.rpm
764d139053a2964c1ecee0407ea60c41  ImageMagick-devel-6.0.7.1-6.s390.rpm
c239527e5377076c6d57afea04fa18c3  ImageMagick-perl-6.0.7.1-6.s390.rpm

s390x:
83717e077a6401a30f9d52b858d62809  ImageMagick-6.0.7.1-6.s390x.rpm
c4898fe5d9b06b537f7871c812846d22  ImageMagick-c++-6.0.7.1-6.s390x.rpm
5aaf3be1910b8ce7b4e7ed01fb35e049  ImageMagick-c++-devel-6.0.7.1-6.s390x.rpm
7672587e292ef5e94490749e367508a8  ImageMagick-devel-6.0.7.1-6.s390x.rpm
7bc82308c1b8b405ba45ced6553a1fe0  ImageMagick-perl-6.0.7.1-6.s390x.rpm

x86_64:
2f0ee7ea6c2facad27ef786ded68e8c1  ImageMagick-6.0.7.1-6.x86_64.rpm
f0950411b38e248645c771ea85b9125d  ImageMagick-c++-6.0.7.1-6.x86_64.rpm
4fdf0a7ccc22f73ddb510ac627bc63d5  ImageMagick-c++-devel-6.0.7.1-6.x86_64.rpm
0f8e9d58c905273acc2a5a0410bbd801  ImageMagick-devel-6.0.7.1-6.x86_64.rpm
616716d249de35ad9e3888a251757675  ImageMagick-perl-6.0.7.1-6.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ImageMagick-6.0.7.1-6.src.rpm
a5c8511327dc216e6543f2bcce9dbaef  ImageMagick-6.0.7.1-6.src.rpm

i386:
1145a7d29a8b8f444d94834b5e6c32af  ImageMagick-6.0.7.1-6.i386.rpm
7f77e9423e940706e843737c6caaf53f  ImageMagick-c++-6.0.7.1-6.i386.rpm
e1b8cf2f535ba390f07619327540cb84  ImageMagick-c++-devel-6.0.7.1-6.i386.rpm
7748f74dadba601fb43eb04b6bd5787a  ImageMagick-devel-6.0.7.1-6.i386.rpm
e907c9aaab08c87c815d289ae3e34d24  ImageMagick-perl-6.0.7.1-6.i386.rpm

x86_64:
2f0ee7ea6c2facad27ef786ded68e8c1  ImageMagick-6.0.7.1-6.x86_64.rpm
f0950411b38e248645c771ea85b9125d  ImageMagick-c++-6.0.7.1-6.x86_64.rpm
4fdf0a7ccc22f73ddb510ac627bc63d5  ImageMagick-c++-devel-6.0.7.1-6.x86_64.rpm
0f8e9d58c905273acc2a5a0410bbd801  ImageMagick-devel-6.0.7.1-6.x86_64.rpm
616716d249de35ad9e3888a251757675  ImageMagick-perl-6.0.7.1-6.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ImageMagick-6.0.7.1-6.src.rpm
a5c8511327dc216e6543f2bcce9dbaef  ImageMagick-6.0.7.1-6.src.rpm

i386:
1145a7d29a8b8f444d94834b5e6c32af  ImageMagick-6.0.7.1-6.i386.rpm
7f77e9423e940706e843737c6caaf53f  ImageMagick-c++-6.0.7.1-6.i386.rpm
e1b8cf2f535ba390f07619327540cb84  ImageMagick-c++-devel-6.0.7.1-6.i386.rpm
7748f74dadba601fb43eb04b6bd5787a  ImageMagick-devel-6.0.7.1-6.i386.rpm
e907c9aaab08c87c815d289ae3e34d24  ImageMagick-perl-6.0.7.1-6.i386.rpm

ia64:
6389e67ad2ec903f8744355a026671c0  ImageMagick-6.0.7.1-6.ia64.rpm
0a5415a7dd437424be36edda7e59404f  ImageMagick-c++-6.0.7.1-6.ia64.rpm
7ccc183bce8e328c017a6acd15f85746  ImageMagick-c++-devel-6.0.7.1-6.ia64.rpm
0fbfca7d0531822f1b64fe28410b089a  ImageMagick-devel-6.0.7.1-6.ia64.rpm
975b389ef4c61819221a33b46d5798c5  ImageMagick-perl-6.0.7.1-6.ia64.rpm

x86_64:
2f0ee7ea6c2facad27ef786ded68e8c1  ImageMagick-6.0.7.1-6.x86_64.rpm
f0950411b38e248645c771ea85b9125d  ImageMagick-c++-6.0.7.1-6.x86_64.rpm
4fdf0a7ccc22f73ddb510ac627bc63d5  ImageMagick-c++-devel-6.0.7.1-6.x86_64.rpm
0f8e9d58c905273acc2a5a0410bbd801  ImageMagick-devel-6.0.7.1-6.x86_64.rpm
616716d249de35ad9e3888a251757675  ImageMagick-perl-6.0.7.1-6.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ImageMagick-6.0.7.1-6.src.rpm
a5c8511327dc216e6543f2bcce9dbaef  ImageMagick-6.0.7.1-6.src.rpm

i386:
1145a7d29a8b8f444d94834b5e6c32af  ImageMagick-6.0.7.1-6.i386.rpm
7f77e9423e940706e843737c6caaf53f  ImageMagick-c++-6.0.7.1-6.i386.rpm
e1b8cf2f535ba390f07619327540cb84  ImageMagick-c++-devel-6.0.7.1-6.i386.rpm
7748f74dadba601fb43eb04b6bd5787a  ImageMagick-devel-6.0.7.1-6.i386.rpm
e907c9aaab08c87c815d289ae3e34d24  ImageMagick-perl-6.0.7.1-6.i386.rpm

ia64:
6389e67ad2ec903f8744355a026671c0  ImageMagick-6.0.7.1-6.ia64.rpm
0a5415a7dd437424be36edda7e59404f  ImageMagick-c++-6.0.7.1-6.ia64.rpm
7ccc183bce8e328c017a6acd15f85746  ImageMagick-c++-devel-6.0.7.1-6.ia64.rpm
0fbfca7d0531822f1b64fe28410b089a  ImageMagick-devel-6.0.7.1-6.ia64.rpm
975b389ef4c61819221a33b46d5798c5  ImageMagick-perl-6.0.7.1-6.ia64.rpm

x86_64:
2f0ee7ea6c2facad27ef786ded68e8c1  ImageMagick-6.0.7.1-6.x86_64.rpm
f0950411b38e248645c771ea85b9125d  ImageMagick-c++-6.0.7.1-6.x86_64.rpm
4fdf0a7ccc22f73ddb510ac627bc63d5  ImageMagick-c++-devel-6.0.7.1-6.x86_64.rpm
0f8e9d58c905273acc2a5a0410bbd801  ImageMagick-devel-6.0.7.1-6.x86_64.rpm
616716d249de35ad9e3888a251757675  ImageMagick-perl-6.0.7.1-6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
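The following script is an added example and is not part of the Red Hat or AusCERT text. For an administrator installing the packages manually rather than through up2date, it does the three checks the advisory implies: whether the installed ImageMagick is already at the fixed build 6.0.7.1-6, whether the downloaded RPMs match the MD5 list in section 6 (the i386 set is embedded; the other architectures' lists have the same shape), and finally rpm's own signature check, which is the step that actually ties the files to Red Hat. The RPM_DIR variable, the function names and the simplified numeric version comparison are this example's assumptions, not anything the advisory specifies.

```shell
#!/bin/sh
# Added example, not part of the Red Hat or AusCERT advisory text.
# Checks whether the installed ImageMagick is already at the fixed build
# RHSA-2005:071 ships for RHEL 4, and verifies downloaded RPMs against the
# advisory's MD5 list before they are installed. RPM_DIR (the directory
# holding the downloaded RPMs) is an assumed name for this script.

FIXED_VR="6.0.7.1-6"   # VERSION-RELEASE of the fixed packages (section 6)

# MD5 list for the i386 packages, copied from section 6 of the advisory.
# The other architectures' lists have the same shape; substitute as needed.
I386_MD5S='1145a7d29a8b8f444d94834b5e6c32af  ImageMagick-6.0.7.1-6.i386.rpm
7f77e9423e940706e843737c6caaf53f  ImageMagick-c++-6.0.7.1-6.i386.rpm
e1b8cf2f535ba390f07619327540cb84  ImageMagick-c++-devel-6.0.7.1-6.i386.rpm
7748f74dadba601fb43eb04b6bd5787a  ImageMagick-devel-6.0.7.1-6.i386.rpm
e907c9aaab08c87c815d289ae3e34d24  ImageMagick-perl-6.0.7.1-6.i386.rpm'

# Compare two VERSION-RELEASE strings segment by segment, splitting on '.'
# and '-', and print -1, 0 or 1. This is a simplification of rpm's own
# comparison (no epochs, no alphabetic segments); it is exact for the
# purely numeric version strings these packages use.
vr_cmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, A, /[.-]/); nb = split(b, B, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0
            y = (i <= nb) ? B[i] + 0 : 0
            if (x < y) { print -1; exit }
            if (x > y) { print 1; exit }
        }
        print 0
    }'
}

# Succeeds when the given installed VERSION-RELEASE is at or past the fix.
is_fixed() {
    [ "$(vr_cmp "$1" "$FIXED_VR")" -ge 0 ]
}

# Verify every file named in an "md5  filename" list that exists in $1.
# Missing files are reported and skipped (a site may download only some
# sub-packages); any checksum mismatch makes the function fail.
verify_md5_list() {
    dir=$1; list=$2; bad=0
    while read -r want name; do
        [ -n "$name" ] || continue
        if [ ! -f "$dir/$name" ]; then
            printf 'SKIP %s (not present)\n' "$name"
            continue
        fi
        got=$(md5sum "$dir/$name" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            printf 'OK   %s\n' "$name"
        else
            printf 'BAD  %s: advisory %s, file %s\n' "$name" "$want" "$got" >&2
            bad=1
        fi
    done <<EOF
$list
EOF
    return $bad
}

main() {
    # rpm -q prints "package ... is not installed" on stdout, so key off the
    # exit status rather than the text.
    inst=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' ImageMagick 2>/dev/null) || inst=""
    inst=$(printf '%s\n' "$inst" | head -n 1)   # first entry if multilib installed
    if [ -n "$inst" ] && is_fixed "$inst"; then
        echo "installed ImageMagick $inst is at or past $FIXED_VR"
    else
        echo "installed ImageMagick ${inst:-(none)} needs RHSA-2005:071 ($FIXED_VR)"
    fi
    verify_md5_list "$1" "$I386_MD5S" || {
        echo "checksum mismatch: do not install these files" >&2
        exit 1
    }
    # MD5 only detects a corrupted or swapped download; the GPG signature is
    # what ties the packages to Red Hat. rpm -K needs Red Hat's key imported
    # first (rpm --import, see https://www.redhat.com/security/team/key/#package).
    for f in "$1"/*.rpm; do
        [ -f "$f" ] && rpm -K "$f"
    done
}

if [ -n "${RPM_DIR:-}" ]; then
    main "$RPM_DIR"
fi
```

Run it as RPM_DIR=/path/to/downloaded/rpms sh check-rhsa-2005-071.sh on the RHEL 4 host. A matching MD5 is a reason to continue, not a proof of origin: the checksum list travels in the same e-mail as the packages' URLs and could be swapped along with them, so the rpm -K result with Red Hat's key imported is the check that matters.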
7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCEcyEXlSAg2UNWIIRAskuAKC10/Xi5883UVe4hB+cMDDUo2ksOQCdEvka
+u9EVyCFUobEDbMm0nQR+2o=
=ixMf
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the appropriate
person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQhP5Yyh9+71yA2DNAQJLeAP/a4Nk2g4kJpNHIppKaeiofA5FKTdiMMh9
z3gvR/6ZBvEJX/yukj9DACyDq9pWHewPsIT4cErzo962sqObmNzDox55ZPvS5idp
FlHe4iCU4i5wgsZM81CaoWmMc7mY8pFwG/SRpsILPHx3hKrmuPRgoR5SOQSgm5LR
A1m7xD9c86I=
=iOmN
-----END PGP SIGNATURE-----