[RedHat] Schwachstellen in ImageMagick in RedHat Enterprise Linux 2.1 - RHSA-2004:494-01

win-sec-ssc at dfn-cert.de win-sec-ssc at dfn-cert.de
Thu Oct 21 13:15:38 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgendes RedHat Security Advisory. Wir geben
diese Informationen unveraendert an Sie weiter.

Das Programm ImageMagick erlaubt das Darstellen und Bearbeiten von
Bildern in verschiedenen Grafik-Formaten.

CAN-2003-0455 - Unsichere Erzeugung temporaerer Dateien durch ImageMagick

   Die Grafikbibliothek des Programms ImageMagick erzeugt temporaere
   Dateien auf unsichere Weise und ermoeglicht so einem lokalen
   Angreifer, Dateien des Benutzer zu loeschen bzw. zu ueberschreiben.
   Betroffen sind alle Programme, welche die Grafikbibliothek verwenden.

CAN-2004-0827 - Heap Overflow in ImageMagick

   Durch einen Fehler in den Routinen zur Behandlung von BMP-Bildern in
   der Grafikbibliothek des Programms ImageMagick kann ein Angreifer u.U.
   beliebigen Code mit den Rechten des Benutzers ausfuehren. Der
   Angreifer muss dazu ein entsprechend manipuliertes BMP-Bild z.B. per
   Mail oder auf einer Webseite anbieten. Betroffen sind alle Programme,
   welche die Grafikbibliothek verwenden.

Betroffen ist das Paket ImageMagick auf den Plattformen:

   Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
   Red Hat Linux Advanced Workstation 2.1 - ia64
   Red Hat Enterprise Linux ES version 2.1 - i386
   Red Hat Enterprise Linux WS version 2.1 - i386

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,
    Andreas Bunten, DFN-CERT

- -- 
Andreas Bunten (CSIRT), DFN-CERT Services GmbH
https://www.dfn-cert.de/, +49 40 808077-617


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                    Red Hat Security Advisory

Synopsis:          Updated ImageMagick packages fix security vulnerabilities
Advisory ID:       RHSA-2004:494-01
Issue date:        2004-10-20
Updated on:        2004-10-20
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2003-0455 CAN-2004-0827
- - ---------------------------------------------------------------------

1. Summary:

Updated ImageMagick packages that fix various security vulnerabilities are
now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

ImageMagick(TM) is an image display and manipulation tool for the X Window
System.

A heap overflow flaw was discovered in the ImageMagick image handler.
An attacker could create a carefully crafted BMP file in such a way that it
would cause ImageMagick to execute arbitrary code when processing the
image.  The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0827 to this issue.

A temporary file handling bug has been found in ImageMagick's libmagick
library.  A local user could overwrite or create files as a different user
if a program was linked with the vulnerable library.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0455 to this issue.

Users of ImageMagick should upgrade to these updated packages, which
contain a backported patch, and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

     up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

     http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

98827 - CAN-2003-0455 ImageMagick temporary file handling vulnerability
130807 - CAN-2004-0827 heap overflow in BMP decoder

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ImageMagick-5.3.8-5.src.rpm
22738cf864df785a841772511e92e689  ImageMagick-5.3.8-5.src.rpm

i386:
6f2d75c18a23e1dfd8436612760cea77  ImageMagick-5.3.8-5.i386.rpm
6ab5cd1e16ce974097ed70fe509b2d54  ImageMagick-c++-5.3.8-5.i386.rpm
f8ecc0f1253736bd99b48d15447f61dc  ImageMagick-c++-devel-5.3.8-5.i386.rpm
14cb59447f203c6d2141636c71ce8d58  ImageMagick-devel-5.3.8-5.i386.rpm
c504ef763f766cf4c90cb8caad764ebb  ImageMagick-perl-5.3.8-5.i386.rpm

ia64:
13a0333046d8337643de2b338aa157b9  ImageMagick-5.3.8-5.ia64.rpm
163e1753c113703c2b279ab2b6150c9f  ImageMagick-c++-5.3.8-5.ia64.rpm
4f16d62bf35adb7512da4fb1cbc93df7  ImageMagick-c++-devel-5.3.8-5.ia64.rpm
641626cf00da91e4cf321e5b5bde5ff8  ImageMagick-devel-5.3.8-5.ia64.rpm
5ae53b3226e04ca6bb3f4906faafa998  ImageMagick-perl-5.3.8-5.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ImageMagick-5.3.8-5.src.rpm
22738cf864df785a841772511e92e689  ImageMagick-5.3.8-5.src.rpm

ia64:
13a0333046d8337643de2b338aa157b9  ImageMagick-5.3.8-5.ia64.rpm
163e1753c113703c2b279ab2b6150c9f  ImageMagick-c++-5.3.8-5.ia64.rpm
4f16d62bf35adb7512da4fb1cbc93df7  ImageMagick-c++-devel-5.3.8-5.ia64.rpm
641626cf00da91e4cf321e5b5bde5ff8  ImageMagick-devel-5.3.8-5.ia64.rpm
5ae53b3226e04ca6bb3f4906faafa998  ImageMagick-perl-5.3.8-5.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ImageMagick-5.3.8-5.src.rpm
22738cf864df785a841772511e92e689  ImageMagick-5.3.8-5.src.rpm

i386:
6f2d75c18a23e1dfd8436612760cea77  ImageMagick-5.3.8-5.i386.rpm
6ab5cd1e16ce974097ed70fe509b2d54  ImageMagick-c++-5.3.8-5.i386.rpm
f8ecc0f1253736bd99b48d15447f61dc  ImageMagick-c++-devel-5.3.8-5.i386.rpm
14cb59447f203c6d2141636c71ce8d58  ImageMagick-devel-5.3.8-5.i386.rpm
c504ef763f766cf4c90cb8caad764ebb  ImageMagick-perl-5.3.8-5.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ImageMagick-5.3.8-5.src.rpm
22738cf864df785a841772511e92e689  ImageMagick-5.3.8-5.src.rpm

i386:
6f2d75c18a23e1dfd8436612760cea77  ImageMagick-5.3.8-5.i386.rpm
6ab5cd1e16ce974097ed70fe509b2d54  ImageMagick-c++-5.3.8-5.i386.rpm
f8ecc0f1253736bd99b48d15447f61dc  ImageMagick-c++-devel-5.3.8-5.i386.rpm
14cb59447f203c6d2141636c71ce8d58  ImageMagick-devel-5.3.8-5.i386.rpm
c504ef763f766cf4c90cb8caad764ebb  ImageMagick-perl-5.3.8-5.i386.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBdr8oXlSAg2UNWIIRAgokAJ0YRjujcb1+SPurBRZwWWa5BwYS7wCfSe5H
gmGlyvxkwsiwgU6aEEoX3fk=
=bta3
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQEVAgUBQXeZdSgU04YpslABAQFHxgf+KN/crUZmCxQffSa3S5FuWjar3L9Iak6Z
ECniNjGhzBcG6Ku2f3afieDRpRcURH3fGm/CKj1roJ5q/LrQWJL3af+p2ojeU+Pq
zekXWAOVpFtZl91kZnCSgjo0z+IPHSbnAKN2DmRz6eFfUGPgQXAi2pVvdo/WZMxf
VybK1VnGl8GGRqTkh2lXvn76Xn9dWjDqehTIKt6Hnqt0bIgeyAexkR9CszXqOiJ1
t7ypN4Bz3Fj/amWJcWFI2chng4MqU8+AyGIpZ11yBKUb3vcQgnbtBl1bd1BC0fey
j88rTTcJ2VoyECUvlbSxjf5euCeB061BwHd0M7ypncpJMh3DrCf6QQ==
=fNDc
-----END PGP SIGNATURE-----






More information about the Security-Announce mailing list