-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2012:078 http://www.mandriva.com/security/ _______________________________________________________________________ Package : imagemagick Date : May 17, 2012 Affected: 2011. _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in imagemagick: A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format (Exif) metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code (CVE-2012-0247). A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop (CVE-2012-0248). The original fix for CVE-2012-0247 failed to check for the possibility of an integer overflow when computing the sum of number_bytes and offset. This resulted in a wrap around into a value smaller than length, making original CVE-2012-0247 introduced length check still to be possible to bypass, leading to memory corruption (CVE-2012-1185). An integer overflow flaw was found in the way ImageMagick processed certain Exif tags with a large components count. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to access invalid memory and crash (CVE-2012-0259). A denial of service flaw was found in the way ImageMagick decoded certain JPEG images. A remote attacker could provide a JPEG image with specially-crafted sequences of RST0 up to RST7 restart markers (used to indicate the input stream to be corrupted), which once processed by ImageMagick, would cause it to consume excessive amounts of memory and CPU time (CVE-2012-0260). An out-of-bounds buffer read flaw was found in the way ImageMagick processed certain TIFF image files. A remote attacker could provide a TIFF image with a specially-crafted Exif IFD value (the set of tags for recording Exif-specific attribute information), which once opened by ImageMagick, would cause it to crash (CVE-2012-1798). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798 _______________________________________________________________________ Updated Packages: Mandriva Linux 2011: da7361c0c17202ca091edb5b8072712b 2011/i586/imagemagick-6.7.0.9-1.1-mdv2011.0.i586.rpm 0f4df0478f20a7a9827138ea1cf65a0f 2011/i586/imagemagick-desktop-6.7.0.9-1.1-mdv2011.0.i586.rpm 538e0ca239e8867aa220449c9a62c56e 2011/i586/imagemagick-doc-6.7.0.9-1.1-mdv2011.0.i586.rpm c9cfd07876b53066060a79a8f75daa2e 2011/i586/libmagick4-6.7.0.9-1.1-mdv2011.0.i586.rpm d4014e6a7db2cdf424b1dc76cea26aa2 2011/i586/libmagick-devel-6.7.0.9-1.1-mdv2011.0.i586.rpm ab16832bd74eef833f896b621ee92085 2011/i586/perl-Image-Magick-6.7.0.9-1.1-mdv2011.0.i586.rpm 202110f4349f2c1bab72a427e436b674 2011/SRPMS/imagemagick-6.7.0.9-1.1.src.rpm Mandriva Linux 2011/X86_64: 51f47020de331237e7dcb27900e69412 2011/x86_64/imagemagick-6.7.0.9-1.1-mdv2011.0.x86_64.rpm bf2f680d4c889ad223f8bd96e046cb18 2011/x86_64/imagemagick-desktop-6.7.0.9-1.1-mdv2011.0.x86_64.rpm 8656a86ae2a83d19b3c775606a7b746a 2011/x86_64/imagemagick-doc-6.7.0.9-1.1-mdv2011.0.x86_64.rpm 0332b2715f20d5afcd46739f48626e1f 2011/x86_64/lib64magick4-6.7.0.9-1.1-mdv2011.0.x86_64.rpm 848ae4df649fd005c70d425ea6e24ad4 2011/x86_64/lib64magick-devel-6.7.0.9-1.1-mdv2011.0.x86_64.rpm f18b862dc68b90a01b5c11410ab642f7 2011/x86_64/perl-Image-Magick-6.7.0.9-1.1-mdv2011.0.x86_64.rpm 202110f4349f2c1bab72a427e436b674 2011/SRPMS/imagemagick-6.7.0.9-1.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPtNWgmqjQ0CJFipgRAjsgAJ9DBMcjCq1YycnMDNk1tEsDaHn1xQCfUqIL oCy+PtqzEuM3Y6wiGKA6iso= =14X6 -----END PGP SIGNATURE-----