Fedora Core 3 Test Update: ImageMagick-6.2.0.7-2.fc3

Matthias Clasen mclasen at redhat.com
Sat Mar 19 02:51:21 UTC 2005 

---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2005-235
2005-03-18
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : ImageMagick
Version     : 6.2.0.7
Release     : 2.fc3
Summary     : An X application for displaying and manipulating images.
Description :
ImageMagick(TM) is an image display and manipulation tool for the X
Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,
and Photo CD image formats. It can resize, rotate, sharpen, color
reduce, or add special effects to an image, and when finished you can
either save the completed work in the original format or a different
one. ImageMagick also includes command line programs for creating
animated or transparent .gifs, creating composite images, creating
thumbnail images, and more.

ImageMagick is one of your choices if you need a program to manipulate
and dis play images. If you want to develop your own applications
which use ImageMagick code or APIs, you need to install
ImageMagick-devel as well.

---------------------------------------------------------------------
Update Information:

Andrei Nigmatulin discovered a heap based buffer overflow flaw in the
ImageMagick image handler. An attacker could create a carefully crafted
Photoshop Document (PSD) image in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0005 to this issue.

A format string bug was found in the way ImageMagick handles filenames.
An attacker could execute arbitrary code in a victims machine if they
are able to trick the victim into opening a file with a specially
crafted name. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0397 to this issue.

---------------------------------------------------------------------
* Wed Mar 16 2005 <mclasen at redhat.com> - 6.2.0.7-2.fc3

- Update to 6.2.0 to fix a number of security issues:
  #145112 (CAN-2005-05), #151265 (CAN-2005-0397)
- Drop a lot of upstreamed patches

* Fri Mar 11 2005 Matthias Clasen  <mclasen at redhat.com> - 6.0.7.1-5.fc3

- Make writing tiff to stdout work.


---------------------------------------------------------------------
This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/3/

96c355277cf7ce28ef4384a6d733ecab
SRPMS/ImageMagick-6.2.0.7-2.fc3.src.rpm
eba67c16f7c6c54feddd81e7197f41af
x86_64/ImageMagick-6.2.0.7-2.fc3.x86_64.rpm
065c95127afc38fa97e90157e6797183
x86_64/ImageMagick-devel-6.2.0.7-2.fc3.x86_64.rpm
8a476c7d7b50afa314c41e0b80a434c9
x86_64/ImageMagick-perl-6.2.0.7-2.fc3.x86_64.rpm
44e604b3be8523753821a2ae4cf1a432  x86_64/ImageMagick-c
++-6.2.0.7-2.fc3.x86_64.rpm
2b1b408f42aef092c6156395d8935ef6  x86_64/ImageMagick-c
++-devel-6.2.0.7-2.fc3.x86_64.rpm
2ead9fd925b4069dfb4d7793bfb613d9
x86_64/debug/ImageMagick-debuginfo-6.2.0.7-2.fc3.x86_64.rpm
8a9a464218ed28d7d6245c10c3b24e52
x86_64/ImageMagick-6.2.0.7-2.fc3.i386.rpm
8f30983373060a78e8f35ea972b4f0fd  x86_64/ImageMagick-c
++-6.2.0.7-2.fc3.i386.rpm
8a9a464218ed28d7d6245c10c3b24e52
i386/ImageMagick-6.2.0.7-2.fc3.i386.rpm
302a65ffb25b36ff7e83edbf763976a9
i386/ImageMagick-devel-6.2.0.7-2.fc3.i386.rpm
70fddae83d164f2244c294435b50dc6a
i386/ImageMagick-perl-6.2.0.7-2.fc3.i386.rpm
8f30983373060a78e8f35ea972b4f0fd  i386/ImageMagick-c
++-6.2.0.7-2.fc3.i386.rpm
cafc12bda5b8d2e773496a307ced844b  i386/ImageMagick-c
++-devel-6.2.0.7-2.fc3.i386.rpm
06399797a7674e964c3645834e35c848
i386/debug/ImageMagick-debuginfo-6.2.0.7-2.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  You may
need to edit your up2date channels configuration.  Within
/etc/sysconfig/rhn/sources enable the following line:
yum updates-testing
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/3/$ARCH
---------------------------------------------------------------------

More information about the fedora-test-list mailing list