From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1903
[email protected] http://www.debian.org/security/ Giuseppe Iuculano October 07, 2009
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : graphicsmagick
Vulnerability : several vulnerabilities
Problem type : local (remote)
Debian-specific: no
CVE IDs : CVE-2007-1667 CVE-2007-1797 CVE-2007-4985 CVE-2007-4986
CVE-2007-4988 CVE-2008-1096 CVE-2008-3134 CVE-2008-6070
CVE-2008-6071 CVE-2008-6072 CVE-2008-6621 CVE-2009-1882
Debian Bugs : 414370 417862 444266 491439 530946
Several vulnerabilities have been discovered in graphicsmagick, a
collection of image processing tool, which can lead to the execution
of arbitrary code, exposure of sensitive information or cause DoS.
The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-1667
Multiple integer overflows in XInitImage function in xwd.c for
GraphicsMagick, allow user-assisted remote attackers to cause a
denial of service (crash) or obtain sensitive information via
crafted images with large or negative values that trigger a
buffer overflow. It only affects the oldstable distribution (etch).
CVE-2007-1797
Multiple integer overflows allow remote attackers to execute arbitrary
code via a crafted DCM image, or the colors or comments field in a
crafted XWD image. It only affects the oldstable distribution (etch).
CVE-2007-4985
A crafted image file can trigger an infinite loop in the ReadDCMImage
function or in the ReadXCFImage function. It only affects the oldstable
distribution (etch).
CVE-2007-4986
Multiple integer overflows allow context-dependent attackers to execute
arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file,
which triggers a heap-based buffer overflow. It only affects the
oldstable distribution (etch).
CVE-2007-4988
A sign extension error allows context-dependent attackers to execute
arbitrary code via a crafted width value in an image file, which
triggers an integer overflow and a heap-based buffer overflow. It
affects only the oldstable distribution (etch).
CVE-2008-1096
The load_tile function in the XCF coder allows user-assisted remote
attackers to cause a denial of service or possibly execute arbitrary
code via a crafted .xcf file that triggers an out-of-bounds heap write.
It affects only oldstable (etch).
CVE-2008-3134
Multiple vulnerabilities in GraphicsMagick before 1.2.4 allow remote
attackers to cause a denial of service (crash, infinite loop, or
memory consumption) via vectors in the AVI, AVS, DCM, EPT, FITS,
MTV, PALM, RLA, and TGA decoder readers; and the
GetImageCharacteristics function in magick/image.c, as reachable
from a crafted PNG, JPEG, BMP, or TIFF file.
CVE-2008-6070
Multiple heap-based buffer underflows in the ReadPALMImage function in
coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers
to ca use a denial of service (crash) or possibly execute arbitrary
code via a crafted PALM image.
CVE-2008-6071
Heap-based buffer overflow in the DecodeImage function in
coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before
1.2.3, allows remote attackers to cause a denial of service (crash)
or possibly execute arbitrary code via a crafted PICT image.
CVE-2008-6072
Multiple vulnerabilities in GraphicsMagick allow remote attackers to
cause a denial of service (crash) via vectors in XCF and CINEON images.
CVE-2008-6621
Vulnerability in GraphicsMagick allows remote attackers to cause a denial
of service (crash) via vectors in DPX images.
CVE-2009-1882
Integer overflow allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted TIFF file,
which triggers a buffer overflow.
For the oldstable distribution (etch), these problems have been fixed in version 1.1.7-13+etch1.
For the stable distribution (lenny), these problems have been fixed in
version 1.1.11-3.2+lenny1.
For the upcoming stable distribution (squeeze) and the unstable
distribution ion (sid), these problems have been fixed in version
1.3.5-5.1.
We recommend that you upgrade your graphicsmagick packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1.diff.gz
Size/MD5 checksum: 60962 43b19aeb820ec1f54351004a31f4b5ea
http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7.orig.tar.gz
Size/MD5 checksum: 5926667 9dec2209500b44c617a789b4072ed724
http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1.dsc
Size/MD5 checksum: 1113 62a7a1a734a73d5b8e469c893bd613ce
Architecture independent packages:
http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-libmagick-dev-compat_1.1.7-13+etch1_all.deb
Size/MD5 checksum: 14598 57fab68d7fa464bd4cc0549ef133b383
http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-imagemagick-compat_1.1.7-13+etch1_all.deb
Size/MD5 checksum: 11076 3040d645f62708c6466a39499374d3d2
alpha architecture (DEC Alpha)
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)