imagemagick 5:6.0.2.5-1ubuntu1.6 source package in Ubuntu
Changelog
imagemagick (5:6.0.2.5-1ubuntu1.6) warty-security; urgency=low * SECURITY UPDATE: Arbitrary code execution with malicious file names. * Patch backported from Debian Sid upload (thanks to Daniel Kobras). * magick/{animate.c,blob.c,display.c,image.c,log.c,montage.c,string.c, string_.h}: Implement new utility function FormatMagickStringNumeric() to securely expand a user-supplied format string with a single numeric argument. Adjust code to use this function where appropriate. (CVE-2006-0082) Closes: #345876 * coders/pdf.c,coders/ps.c,magick/delegate.c,magick/delegate.h, magick/methods.h: Do not call external delegates with user-supplied filename, but with securely named symlinks only to prevent shell command injection (CVE-2005-4601). Closes: #345238 * magick/display.c: In DisplayImageCommand(), expand command line before allocating ressources based on argc. Patch and analysis thanks to Eero Häkkinen. Closes: #345595 * Add missing CVE to previous changelog. -- Martin Pitt <email address hidden> Tue, 24 Jan 2006 14:10:29 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Warty
- Original maintainer:
- Ryuichi Arafune
- Architectures:
- any
- Section:
- graphics
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
imagemagick_6.0.2.5-1ubuntu1.6.dsc | 874 bytes | 9d30c8598d3237912d5cea411f12aa2d439d122a98d3e4183d95984e9a6cce12 |
imagemagick_6.0.2.5.orig.tar.gz | 6.4 MiB | a75b95e76001f8daee11b675b3f76645983c48e4f91db6e2abd7599a2d4a3ba8 |
imagemagick_6.0.2.5-1ubuntu1.6.diff.gz | 131.5 KiB | 6abfd6255d6525a79e041f22257bb38511632f072a0bc011eb9f8dfe2cc61ee6 |
No changes file available.
Binary packages built by this source
- imagemagick: No summary available for imagemagick in ubuntu warty.
No description available for imagemagick in ubuntu warty.
- libmagick++6: No summary available for libmagick++6 in ubuntu warty.
No description available for libmagick++6 in ubuntu warty.
- libmagick++6-dev: No summary available for libmagick++6-dev in ubuntu warty.
No description available for libmagick++6-dev in ubuntu warty.
- libmagick6: No summary available for libmagick6 in ubuntu warty.
No description available for libmagick6 in ubuntu warty.
- libmagick6-dev: No summary available for libmagick6-dev in ubuntu warty.
No description available for libmagick6-dev in ubuntu warty.
- perlmagick: No summary available for perlmagick in ubuntu warty.
No description available for perlmagick in ubuntu warty.