imagemagick 6:6.0.6.2-2.1ubuntu1.2 source package in Ubuntu
Changelog
imagemagick (6:6.0.6.2-2.1ubuntu1.2) hoary-security; urgency=low * SECURITY UPDATE: Arbitrary code execution with malicious file names. * Patch backported from Debian Sid upload (thanks to Daniel Kobras). * magick/{animate.c,blob.c,display.c,image.c,log.c,montage.c,string.c, string_.h}: Implement new utility function FormatMagickStringNumeric() to securely expand a user-supplied format string with a single numeric argument. Adjust code to use this function where appropriate. (CVE-2006-0082) Closes: #345876 * coders/pdf.c,coders/ps.c,magick/delegate.c,magick/delegate.h, magick/methods.h: Do not call external delegates with user-supplied filename, but with securely named symlinks only to prevent shell command injection (CVE-2005-4601). Closes: #345238 * magick/display.c: In DisplayImageCommand(), expand command line before allocating ressources based on argc. Patch and analysis thanks to Eero Häkkinen. Closes: #345595 * Add missing CVE to previous changelog. -- Martin Pitt <email address hidden> Tue, 24 Jan 2006 14:04:21 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Hoary
- Original maintainer:
- Ryuichi Arafune
- Architectures:
- any
- Section:
- graphics
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
imagemagick_6.0.6.2-2.1ubuntu1.2.dsc | 899 bytes | 871c4bcee38bafcda0e54aff1cb8fc8438af9b06f23bf5c3e5738ac0dccdc3ac |
imagemagick_6.0.6.2.orig.tar.gz | 6.5 MiB | 0d4623b00693458031ad6d5417a6a774c038cba4567db397d485bfd1298da755 |
imagemagick_6.0.6.2-2.1ubuntu1.2.diff.gz | 139.1 KiB | 9e45555937e12ffc63e36650b8ad02679cec1d3eab46fd4c9315de1c86a5cb78 |
No changes file available.
Binary packages built by this source
- imagemagick: No summary available for imagemagick in ubuntu hoary.
No description available for imagemagick in ubuntu hoary.
- libmagick++6: No summary available for libmagick++6 in ubuntu hoary.
No description available for libmagick++6 in ubuntu hoary.
- libmagick++6-dev: No summary available for libmagick++6-dev in ubuntu hoary.
No description available for libmagick++6-dev in ubuntu hoary.
- libmagick6: No summary available for libmagick6 in ubuntu hoary.
No description available for libmagick6 in ubuntu hoary.
- libmagick6-dev: No summary available for libmagick6-dev in ubuntu hoary.
No description available for libmagick6-dev in ubuntu hoary.
- perlmagick: No summary available for perlmagick in ubuntu hoary.
No description available for perlmagick in ubuntu hoary.