Ubuntu
imagemagick package

imagemagick 6:6.0.6.2-2.1ubuntu1.2 source package in Ubuntu

Changelog

imagemagick (6:6.0.6.2-2.1ubuntu1.2) hoary-security; urgency=low


  * SECURITY UPDATE: Arbitrary code execution with malicious file names.
  * Patch backported from Debian Sid upload (thanks to Daniel Kobras).
  * magick/{animate.c,blob.c,display.c,image.c,log.c,montage.c,string.c,
    string_.h}: Implement new utility function FormatMagickStringNumeric()
    to securely expand a user-supplied format string with a single numeric
    argument. Adjust code to use this function where appropriate.
    (CVE-2006-0082) Closes: #345876
  * coders/pdf.c,coders/ps.c,magick/delegate.c,magick/delegate.h,
    magick/methods.h: Do not call external delegates with user-supplied
    filename, but with securely named symlinks only to prevent shell command
    injection (CVE-2005-4601). Closes: #345238
  * magick/display.c: In DisplayImageCommand(), expand command line before
    allocating ressources based on argc. Patch and analysis thanks to
    Eero Häkkinen. Closes: #345595
  * Add missing CVE to previous changelog.

 -- Martin Pitt <email address hidden>  Tue, 24 Jan 2006 14:04:21 +0000

Upload details

Uploaded by:
Ubuntu Archive Auto-Sync
Uploaded to:
Hoary
Original maintainer:
Ryuichi Arafune
Architectures:
any
Section:
graphics
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
imagemagick_6.0.6.2-2.1ubuntu1.2.dsc 899 bytes 871c4bcee38bafcda0e54aff1cb8fc8438af9b06f23bf5c3e5738ac0dccdc3ac
imagemagick_6.0.6.2.orig.tar.gz 6.5 MiB 0d4623b00693458031ad6d5417a6a774c038cba4567db397d485bfd1298da755
imagemagick_6.0.6.2-2.1ubuntu1.2.diff.gz 139.1 KiB 9e45555937e12ffc63e36650b8ad02679cec1d3eab46fd4c9315de1c86a5cb78

No changes file available.

Binary packages built by this source

imagemagick: No summary available for imagemagick in ubuntu hoary.

No description available for imagemagick in ubuntu hoary.

libmagick++6: No summary available for libmagick++6 in ubuntu hoary.

No description available for libmagick++6 in ubuntu hoary.

libmagick++6-dev: No summary available for libmagick++6-dev in ubuntu hoary.

No description available for libmagick++6-dev in ubuntu hoary.

libmagick6: No summary available for libmagick6 in ubuntu hoary.

No description available for libmagick6 in ubuntu hoary.

libmagick6-dev: No summary available for libmagick6-dev in ubuntu hoary.

No description available for libmagick6-dev in ubuntu hoary.

perlmagick: No summary available for perlmagick in ubuntu hoary.

No description available for perlmagick in ubuntu hoary.