[SECURITY] Fedora Core 6 Update: ImageMagick-6.2.8.0-3.fc6.1
Norm Murray
nmurray at redhat.com
Wed Nov 22 16:24:00 UTC 2006
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-1285
2006-11-22
---------------------------------------------------------------------
Product : Fedora Core 6
Name : ImageMagick
Version : 6.2.8.0
Release : 3.fc6.1
Summary : An X application for displaying and manipulating images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.
ImageMagick is one of your choices if you need a program to manipulate
and dis play images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.
---------------------------------------------------------------------
Update Information:
Security update fixing possible overflows in handling of
PALM and DCM images.
---------------------------------------------------------------------
* Wed Nov 15 2006 Norm Murray <nmurray at redhat.com> - 6.2.8.0-3.fc6.1
- fix more overflows (#210921, CVE-2006-5456)
* Wed Aug 23 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.8.0-3.fc6
- fix several integer and buffer overflows (#202193, CVE-2006-3743)
- fix more integer overflows (#202771, CVE-2006-4144)
* Mon Jul 24 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.8.0-2
- Add missing BRs
* Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 6.2.8.0-1.1
- rebuild
* Fri Jun 9 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.8-1
- Update to 6.2.8
* Fri Jun 2 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.5.4-7
- Fix multilib issues
* Thu May 25 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.5.4-6
- Fix a heap overflow CVE-2006-2440 (#192279)
- Include required .la files
* Mon Mar 20 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.5.4-5
- Don't ship .la and .a files (#185237)
* Mon Feb 13 2006 Jesse Keating <jkeating at redhat.com> - 6.2.5.4-4.2.1
- rebump for build order issues during double-long bump
* Fri Feb 10 2006 Jesse Keating <jkeating at redhat.com> - 6.2.5.4-4.2
- bump again for double-long bug on ppc(64)
* Tue Feb 7 2006 Jesse Keating <jkeating at redhat.com> - 6.2.5.4-4.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Mon Jan 30 2006 Matthias Clasen <mclasen at redhat.com> 6.2.5.4-4
- Make -devel require lcms-devel (#179200)
* Mon Jan 23 2006 Matthias Clasen <mclasen at redhat.com> 6.2.5.4-3
- Fix linking of DSOs. (#176695)
* Mon Jan 9 2006 Matthias Clasen <mclasen at redhat.com> 6.2.5.4-2
- fix a format string vulnerability (CVE-2006-0082)
* Fri Dec 9 2005 Jesse Keating <jkeating at redhat.com>
- rebuilt
* Tue Nov 1 2005 Matthias Clasen <mclasen at redhat.com> 6.2.5.4-1
- Switch requires to modular X
- Update to 6.2.5
* Tue Sep 20 2005 Matthias Clasen <mclasen at redhat.com> 6.2.4.6-1
- Update to 6.2.4-6
- Drop upstreamed patches
- Disable DPS (#158984)
- Add missing requires (#165931)
* Thu Jun 9 2005 Tim Waugh <twaugh at redhat.com> 6.2.2.0-4
- Rebuilt for fixed ghostscript.
* Mon Jun 6 2005 Tim Waugh <twaugh at redhat.com> 6.2.2.0-3
- Rebuilt for new ghostscript.
* Thu May 26 2005 <mclasen at redhat.com> - 6.2.2.0-2
- fix a denial of service in the xwd coder (#158791, CAN-2005-1739)
* Tue Apr 26 2005 Matthias Clasen <mclasen at redhat.com> - 6.2.2.0-1
- Update to 6.2.2 to fix a heap corruption issue
in the pnm coder.
* Mon Apr 25 2005 Matthias Clasen <mclasen at redhat.com> - 6.2.1.7-4
- .la files for modules are needed, actually
* Mon Apr 25 2005 Matthias Clasen <mclasen at redhat.com> - 6.2.1.7-3
- Really remove .la files for modules
* Mon Apr 25 2005 <mclasen at redhat.com> - 6.2.1.7-1
- Update to 6.2.1
- Include multiple improvements and bugfixes
by Rex Dieter et al (111961, 145466, 151196, 149970,
146518, 113951, 145449, 144977, 144570, 139298)
* Sun Apr 24 2005 <mclasen at redhat.com> - 6.2.0.7-3
- Make zip compression work for tiff (#154045)
* Wed Mar 16 2005 <mclasen at redhat.com> - 6.2.0.7-2
- Update to 6.2.0 to fix a number of security issues:
- Drop a lot of upstreamed patches
* Wed Mar 2 2005 Matthias Clasen <mclasen at redhat.com> 6.0.7.1-7
- rebuild with gcc4
- remove an extraneous vsnprintf prototype which causes
gcc4 to complain
* Mon Oct 11 2004 Tim Waugh <twaugh at redhat.com> 6.0.7.1-4
- The devel subpackage requires XFree86-devel (bug #126509).
- Fixed build requirements (bug #120776). From Robert Scheck.
* Tue Sep 14 2004 Karsten Hopp <karsten at redhat.de> 6.0.7.1-3
- move *.mgk files (#132007, #131708, #132397)
* Sun Sep 12 2004 Karsten Hopp <karsten at redhat.de> 6.0.7.1-1
- update to 6.0.7 Patchlevel 1, fixes #132106
* Sat Sep 4 2004 Bill Nottingham <notting at redhat.com> 6.0.6.2-2
- move libWand out of -devel, fix requirements (#131767)
* Wed Sep 1 2004 Karsten Hopp <karsten at redhat.de> 6.0.6.2-1
- update to latest stable version
- get rid of obsolete patches
- fix remaining patches
* Sat Jun 19 2004 Alan Cox <alan at redhat.com>
- Easyfixes (#124791) - fixed missing dependancy between -devel and
libexif-devel
* Tue Jun 15 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Tue Mar 23 2004 Karsten Hopp <karsten at redhat.de> 5.5.7.15-1.3
- freetype patch to fix convert (#115716)
* Tue Mar 2 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Fri Feb 13 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Sun Jan 25 2004 Nils Philippsen <nphilipp at redhat.com> 5.5.7.15-0.2
- make perl module link against the built library instead of the installed one
* Thu Jan 22 2004 Nils Philippsen <nphilipp at redhat.com> 5.5.7.15-0.1
- version 5.5.7 patchlevel 15
* Mon Oct 13 2003 Nils Philippsen <nphilipp at redhat.com> 5.5.7.10-0.1
- rebuild with release 0.1 to not block an official update package
* Wed Sep 10 2003 Nils Philippsen <nphilipp at redhat.com> 5.5.7.10-2
- hack around libtool stupidity
- disable automake patch as we require automake-1.7 anyway
* Wed Sep 10 2003 Nils Philippsen <nphilipp at redhat.com> 5.5.7.10-1
- version 5.5.7 patchlevel 10
* Wed Jun 4 2003 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Thu May 29 2003 Tim Powers <timp at redhat.com> -4
- rebuild for RHEL to fix broken deps
* Thu May 15 2003 Tim Powers <timp at redhat.com> 5.5.6-3
- rebuild again to fix broken dep on libMagick.so.5
* Mon May 12 2003 Karsten Hopp <karsten at redhat.de> 5.5.6-2
- rebuild
* Fri May 9 2003 Karsten Hopp <karsten at redhat.de> 5.5.6-1
- update
- specfile fixes
- verified that the upstream version fixes the following bugreports:
* Wed Jan 22 2003 Tim Powers <timp at redhat.com>
- rebuilt
* Sat Jan 4 2003 Jeff Johnson <jbj at redhat.com> 5.4.7-9
- use internal dep generator.
* Mon Dec 16 2002 Tim Powers <timp at redhat.com> 5.4.7-8
- rebuild
* Sat Dec 14 2002 Tim Powers <timp at redhat.com> 5.4.7-7
- don't use rpms internal dep generator
* Fri Nov 22 2002 Tim Powers <timp at redhat.com>
- fix perl paths in file list
* Thu Nov 21 2002 Tim Powers <timp at redhat.com>
- lib64'ize
- don't throw stuff in /usr/X11R6, that's for X only
- remove files we aren't shipping
* Sat Aug 10 2002 Elliot Lee <sopwith at redhat.com>
- rebuilt with gcc-3.2 (we hope)
* Tue Jul 23 2002 Tim Powers <timp at redhat.com> 5.4.7-4
- build using gcc-3.2-0.1
* Wed Jul 3 2002 Karsten Hopp <karsten at redhat.de> 5.4.7-3
- fix non-cpp headers in -devel package
- fix #62157 (wrong path for include files in ImageMagick-devel)
- fix #63897 (use _target instead of _arch) in libtool workaround
- fix #65860, #65780 (tiff2ps) expands images to >10 MB Postscript files.
* Mon Jul 1 2002 Karsten Hopp <karsten at redhat.de> 5.4.7-1
- update
- fix localdoc patch
- fix %files section
- disable nonroot patch
- fix #62100,55950,62162,63136 (display doesn't start form gnome menu)
- fix libtool workaround
- moved Magick*-config into -devel package (#64249)
* Sun May 26 2002 Tim Powers <timp at redhat.com>
- automated rebuild
* Mon May 6 2002 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.6-1
- 5.4.6
* Thu Mar 14 2002 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.3.11-1
- Update to pl 11
* Fri Feb 22 2002 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.3.5-1
- Update to 5.4.3 pl5; this fixes #58080
* Thu Jan 17 2002 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.2.3-1
- Patchlevel 3
* Wed Jan 9 2002 Tim Powers <timp at redhat.com>
- automated rebuild
* Fri Jan 4 2002 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.2.2-1
- Update to 5.4.2-2
- Fix #57923, also don't hardcode netscape as html viewer
* Wed Dec 5 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.1-1
- 5.4.1
- Link against new libstdc++
* Fri Nov 9 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.0.5-1
- 5.4.0.5
- Make the error message when trying to display an hpgl file more
explicit (#55875)
* Mon Nov 5 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.0.3-1
- 5.4.0.3
- Fix names of man pages
* Mon Oct 22 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.4.0-1
- 5.4.0
- work around build system breakage causing applications to be named
ppc-redhat-linux-foo rather than foo
* Wed Sep 19 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.9-1
- 5.3.9
* Mon Aug 27 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.8-3
- Add delegates.mgk back, got lost during the update to 5.3.8 (Makefile bug)
(#52611)
* Mon Aug 20 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.8-2
- Remove Magick++ includes from -devel, they're already in -c++-devel
(#51590)
* Sat Jul 28 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.8-1
- 5.3.8 (bugfix release)
* Fri Jul 27 2001 Than Ngo <than at redhat.com> 5.3.7-3
- fix to build Perlmagic on s390 s390x
* Thu Jul 26 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.7-2
- Add delegates.mgk to the package (#50725)
* Tue Jul 24 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.7-1
- 5.3.7
- Fix build without previously installed ImageMagick-devel (#49816)
- Move perl bindings to a separate package.
* Mon Jul 9 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.6-2
- Fix build as non-root again
- Shut up rpmlint
* Tue Jul 3 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.6-1
- 5.3.6
- Get rid of the ia64 patch, it's no longer needed since glibc was fixed
* Sat Jun 16 2001 Than Ngo <than at redhat.com>
- update to 5.3.5
- cleanup specfile
* Sat May 19 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.3-2
- 5.3.3-respin, fixes #41196
* Tue May 1 2001 Bernhard Rosenkraenzer <bero at redhat.com> 5.3.3-1
- 5.3.3
- Add a desktop file for "display" (RFE#17417)
* Sun Apr 15 2001 Bernhard Rosenkraenzer <bero at redhat.com>
- 5.3.2
- work around bugs in ia64 glibc headers
* Mon Jan 8 2001 Florian La Roche <Florian.LaRoche at redhat.de>
- remove patch for s390, it is not necessary
* Mon Jan 1 2001 Bernhard Rosenkraenzer <bero at redhat.com>
- 5.2.7
* Wed Dec 27 2000 Bernhard Rosenkraenzer <bero at redhat.com>
- 5.2.6
* Mon Dec 18 2000 Than Ngo <than at redhat.com>
- ported to s390
* Mon Sep 25 2000 Bernhard Rosenkraenzer <bero at redhat.com>
- 5.2.4
- Fix up and package the C++ bindings in the new c++/c++-devel packages.
* Wed Aug 2 2000 Matt Wilson <msw at redhat.com>
- rebuild against new libpng
* Wed Jul 19 2000 Nalin Dahyabhai <nalin at redhat.com>
- include images with docs (#10312)
* Thu Jul 13 2000 Matt Wilson <msw at redhat.com>
- don't build with -ggdb, use -g instead.
* Wed Jul 12 2000 Prospector <bugzilla at redhat.com>
- automatic rebuild
* Mon Jul 3 2000 Florian La Roche <laroche at redhat.com>
- update to 5.2.2 beta
* Mon Jul 3 2000 Florian La Roche <laroche at redhat.com>
- update to 5.2.1, redone patches as they failed
* Fri Jun 30 2000 Matt Wilson <msw at redhat.com>
- remove hacks to move perl man pages
- don't include the perl*/man stuff, these files go in /usr/share/man now.
* Thu Jun 15 2000 Nalin Dahyabhai <nalin at redhat.com>
- disable optimization on Alpha and Sparc
* Wed Jun 14 2000 Nalin Dahyabhai <nalin at redhat.com>
- update to 5.2.0
- update URL
- remove redundant CXXFLAGS=$RPM_OPT_FLAGS
* Thu Jun 1 2000 Matt Wilson <msw at redhat.com>
- bootstrap rebuilt to nuke broken libbz2 deps
- add Prefix: tag such that the FHS macros work properly
* Wed May 17 2000 Trond Eivind Glomsrød <teg at redhat.com>
- now compiles with bzip2 1.0
- changed buildroot to include version
* Fri May 5 2000 Bill Nottingham <notting at redhat.com>
- fix compilation with new perl
* Sat Mar 18 2000 Bernhard Rosenkraenzer <bero at redhat.com>
- 5.1.1
* Thu Feb 3 2000 Bernhard Rosenkraenzer <bero at redhat.com>
- Rebuild to get compressed man pages
* Thu Nov 18 1999 Michael K. Johnson <johnsonm at redhat.com>
- ugly hack to print with lpr instead of lp
* Mon Aug 30 1999 Bill Nottingham <notting at redhat.com>
- update to 4.2.9
* Tue Aug 17 1999 Bill Nottingham <notting at redhat.com>
- update to 4.2.8
* Fri Apr 9 1999 Cristian Gafton <gafton at redhat.com>
- include the perl man pages as well
* Tue Apr 6 1999 Michael K. Johnson <johnsonm at redhat.com>
- remove --enable-16bit because it damages interoperability
* Mon Apr 5 1999 Bill Nottingham <notting at redhat.com>
- update to 4.2.2
- change ChangeLog to refer to actual dates.
- strip binaries
* Thu Apr 1 1999 Bill Nottingham <notting at redhat.com>
- add more files. Oops.
* Sun Mar 21 1999 Cristian Gafton <gafton at redhat.com>
- auto rebuild in the new build environment (release 2)
* Wed Mar 10 1999 Bill Nottingham <notting at redhat.com>
- version 4.2.1
* Tue Jan 19 1999 Michael K. Johnson <johnsonm at redhat.com>
- changed group
* Tue Jan 19 1999 Cristian Gafton <gafton at redhat.com>
- hacks to make it work with the new perl
- version 4.1.0 (actually installs the sonames as 4.0.10... doh!)
- make sure the libraries have the x bit on
* Wed Jun 10 1998 Prospector System <bugs at redhat.com>
- translations modified for de, fr
* Thu May 7 1998 Prospector System <bugs at redhat.com>
- translations modified for de, fr, tr
* Tue Apr 21 1998 Cristian Gafton <gafton at redhat.com>
- updated to 4.0.5
* Wed Apr 8 1998 Cristian Gafton <gafton at redhat.com>
- updated to 4.0.4
- added BuildRoot
* Thu Oct 23 1997 Donnie Barnes <djb at redhat.com>
- updated from 3.8.3 to 3.9.1
- removed PNG patch (appears to be fixed)
* Wed Oct 15 1997 Erik Troan <ewt at redhat.com>
- build against new libpng
* Thu Jul 10 1997 Erik Troan <ewt at redhat.com>
- built against glibc
* Thu Mar 20 1997 Michael Fulbright <msf at redhat.com>
- updated to version 3.8.3.
- updated source and url tags.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
bd778974f50b7bd90eb0e0f5719dc7ab2dc31e30 SRPMS/ImageMagick-6.2.8.0-3.fc6.1.src.rpm
bd778974f50b7bd90eb0e0f5719dc7ab2dc31e30 noarch/ImageMagick-6.2.8.0-3.fc6.1.src.rpm
101eb23d4641351d9f6337ecf1acfa8ab0161306 ppc/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.ppc.rpm
e78f62889cd2b5968e7c129c3b1e5b2c94851a80 ppc/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.ppc.rpm
bbf7de1a2d8a55b104f867f14d4206d57a60c713 ppc/ImageMagick-perl-6.2.8.0-3.fc6.1.ppc.rpm
6a94c1ff21f63c2f227970033c2899a66e0a30cc ppc/ImageMagick-c++-6.2.8.0-3.fc6.1.ppc.rpm
b7e415e1ca29791af7dc8c8b841fc49d6814f64a ppc/ImageMagick-devel-6.2.8.0-3.fc6.1.ppc.rpm
8233ebaeca2073931414d7dbe4a35a5f970526e2 ppc/ImageMagick-6.2.8.0-3.fc6.1.ppc.rpm
07d88dba255b6cdcf7527341be5e1a5d449bb646 x86_64/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.x86_64.rpm
50ba7d52e9bb870d591a4a2d03239a92c6e79088 x86_64/ImageMagick-perl-6.2.8.0-3.fc6.1.x86_64.rpm
98fac1368c3684c7863b7b939b1efaa4af6b57ad x86_64/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.x86_64.rpm
1014d4dbdd08c141bf8b1ff65e313e59b9f6f7f7 x86_64/ImageMagick-devel-6.2.8.0-3.fc6.1.x86_64.rpm
f086eb7b9c5cfa13116e45cb00c38e41f7d36dab x86_64/ImageMagick-c++-6.2.8.0-3.fc6.1.x86_64.rpm
cac8707d1582b854421ceb6f098a68eba2ffd8af x86_64/ImageMagick-6.2.8.0-3.fc6.1.x86_64.rpm
b91b9b77605b2a2fb5e5a76333105049d8e4ffd9 i386/ImageMagick-6.2.8.0-3.fc6.1.i386.rpm
226933a8b544ea12c82324abe454afe3e4fb34a0 i386/ImageMagick-devel-6.2.8.0-3.fc6.1.i386.rpm
4409d0d5a6bdb9e0c8599ab0c1f56ecd94739a84 i386/ImageMagick-c++-6.2.8.0-3.fc6.1.i386.rpm
d9597f4176469dda88315e927104e8b9bf901ad9 i386/debug/ImageMagick-debuginfo-6.2.8.0-3.fc6.1.i386.rpm
3dced5a46c3c5679202a92c913067636e2a94967 i386/ImageMagick-perl-6.2.8.0-3.fc6.1.i386.rpm
25eaca9e8a0567d1526482fa5da41541966fdc18 i386/ImageMagick-c++-devel-6.2.8.0-3.fc6.1.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list