Red Hat 9041 Published by

Red Hat has released the following security updates:

- [RHSA-2010:0653-01] Moderate: ImageMagick security update
- [RHSA-2010:0651-01] Moderate: spice-xpi security and bug fix update
- [RHSA-2010:0632-03] Moderate: qspice-client security update
- [RHSA-2010:0652-01] Moderate: ImageMagick security and bug fix update



[RHSA-2010:0653-01] Moderate: ImageMagick security update
=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ImageMagick security update
Advisory ID: RHSA-2010:0653-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0653.html
Issue date: 2010-08-25
CVE Names: CVE-2009-1882
=====================================================================

1. Summary:

Updated ImageMagick packages that fix one security issue are now available
for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

ImageMagick is an image display and manipulation tool for the X Window
System that can read and write multiple image formats.

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the ImageMagick routine responsible for creating X11 images. An
attacker could create a specially-crafted image file that, when opened by a
victim, would cause ImageMagick to crash or, potentially, execute arbitrary
code. (CVE-2009-1882)

Users of ImageMagick are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. All running
instances of ImageMagick must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

503017 - CVE-2009-1882 ImageMagick, GraphicsMagick: Integer overflow in the routine creating X11 images

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm

i386:
ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm

ia64:
ImageMagick-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.ia64.rpm

ppc:
ImageMagick-6.0.7.1-20.el4_8.1.ppc.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.ppc.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ppc.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ppc.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.ppc.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.ppc.rpm

s390:
ImageMagick-6.0.7.1-20.el4_8.1.s390.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.s390.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.s390.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.s390.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.s390.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.s390.rpm

s390x:
ImageMagick-6.0.7.1-20.el4_8.1.s390x.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.s390x.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.s390x.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.s390x.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.s390x.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.s390x.rpm

x86_64:
ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm

i386:
ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm

x86_64:
ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm

i386:
ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm

ia64:
ImageMagick-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.ia64.rpm

x86_64:
ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ImageMagick-6.0.7.1-20.el4_8.1.src.rpm

i386:
ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm

ia64:
ImageMagick-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.ia64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.ia64.rpm

x86_64:
ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-debuginfo-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-1882.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
[RHSA-2010:0651-01] Moderate: spice-xpi security and bug fix update
=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: spice-xpi security and bug fix update
Advisory ID: RHSA-2010:0651-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0651.html
Issue date: 2010-08-25
CVE Names: CVE-2010-2792 CVE-2010-2794
=====================================================================

1. Summary:

An updated spice-xpi package that fixes two security issues and three bugs
is now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display protocol used in Red Hat Enterprise Linux for viewing
virtualized guests running on the Kernel-based Virtual Machine (KVM)
hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.

The spice-xpi package provides a plug-in that allows the SPICE client to
run from within Mozilla Firefox.

A race condition was found in the way the SPICE Firefox plug-in and the
SPICE client communicated. A local attacker could use this flaw to trick
the plug-in and the SPICE client into communicating over an
attacker-controlled socket, possibly gaining access to authentication
details, or resulting in a man-in-the-middle attack on the SPICE
connection. (CVE-2010-2792)

It was found that the SPICE Firefox plug-in used a predictable name for its
log file. A local attacker could use this flaw to conduct a symbolic link
attack, allowing them to overwrite arbitrary files accessible to the user
running Firefox. (CVE-2010-2794)

This update also fixes the following bugs:

* a bug prevented users of Red Hat Enterprise Linux 5.5, with all updates
applied, from running the SPICE Firefox plug-in when using Firefox 3.6.4.
With this update, the plug-in works correctly with Firefox 3.6.4 and the
latest version in Red Hat Enterprise Linux 5.5, Firefox 3.6.7. (BZ#618244)

* unused code has been removed during source code refactoring. This also
resolves a bug in the SPICE Firefox plug-in that caused it to close random
file descriptors. (BZ#594006, BZ#619067)

Note: This update should be installed together with the RHSA-2010:0632
qspice-client update: https://rhn.redhat.com/errata/RHSA-2010-0632.html

Users of spice-xpi should upgrade to this updated package, which contains
backported patches to correct these issues. After installing the update,
Firefox must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

618244 - SPICE-XPI : Spice cannot be opened from RHEL5.5 client user-portal using FireFox 3.6.4.
620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race
620356 - CVE-2010-2794 spice-xpi symlink attack

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/spice-xpi-2.2-2.3.el5_5.src.rpm

i386:
spice-xpi-2.2-2.3.el5_5.i386.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.i386.rpm

x86_64:
spice-xpi-2.2-2.3.el5_5.x86_64.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/spice-xpi-2.2-2.3.el5_5.src.rpm

i386:
spice-xpi-2.2-2.3.el5_5.i386.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.i386.rpm

x86_64:
spice-xpi-2.2-2.3.el5_5.x86_64.rpm
spice-xpi-debuginfo-2.2-2.3.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2792.html
https://www.redhat.com/security/data/cve/CVE-2010-2794.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
[RHSA-2010:0632-03] Moderate: qspice-client security update
=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: qspice-client security update
Advisory ID: RHSA-2010:0632-03
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0632.html
Issue date: 2010-08-25
CVE Names: CVE-2010-2792
=====================================================================

1. Summary:

An updated qspice-client package that fixes one security issue is now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display protocol used in Red Hat Enterprise Linux for viewing
virtualized guests running on the Kernel-based Virtual Machine (KVM)
hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.

The qspice-client package provides the client side of the SPICE protocol.

A race condition was found in the way the SPICE Mozilla Firefox plug-in and
the SPICE client communicated. A local attacker could use this flaw to
trick the plug-in and the SPICE client into communicating over an
attacker-controlled socket, possibly gaining access to authentication
details, or resulting in a man-in-the-middle attack on the SPICE
connection. (CVE-2010-2792)

Users of qspice-client should upgrade to this updated package, which
contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/qspice-client-0.3.0-4.el5_5.src.rpm

i386:
qspice-client-0.3.0-4.el5_5.i386.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.i386.rpm

x86_64:
qspice-client-0.3.0-4.el5_5.x86_64.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/qspice-client-0.3.0-4.el5_5.src.rpm

i386:
qspice-client-0.3.0-4.el5_5.i386.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.i386.rpm

x86_64:
qspice-client-0.3.0-4.el5_5.x86_64.rpm
qspice-client-debuginfo-0.3.0-4.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2792.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
[RHSA-2010:0652-01] Moderate: ImageMagick security and bug fix update
=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ImageMagick security and bug fix update
Advisory ID: RHSA-2010:0652-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0652.html
Issue date: 2010-08-25
CVE Names: CVE-2009-1882
=====================================================================

1. Summary:

Updated ImageMagick packages that fix one security issue and one bug are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

ImageMagick is an image display and manipulation tool for the X Window
System that can read and write multiple image formats.

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the ImageMagick routine responsible for creating X11 images. An
attacker could create a specially-crafted image file that, when opened by a
victim, would cause ImageMagick to crash or, potentially, execute arbitrary
code. (CVE-2009-1882)

This update also fixes the following bug:

* previously, portions of certain RGB images on the right side were not
rendered and left black when converting or displaying them. With this
update, RGB images display correctly. (BZ#625058)

Users of ImageMagick are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. All running
instances of ImageMagick must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

503017 - CVE-2009-1882 ImageMagick, GraphicsMagick: Integer overflow in the routine creating X11 images
625058 - CRM.1902920 - Issue displaying SGI image with ImageMagick

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ImageMagick-6.2.8.0-4.el5_5.2.src.rpm

i386:
ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.i386.rpm

x86_64:
ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ImageMagick-6.2.8.0-4.el5_5.2.src.rpm

i386:
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm

x86_64:
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/ImageMagick-6.2.8.0-4.el5_5.2.src.rpm

i386:
ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.i386.rpm

ia64:
ImageMagick-6.2.8.0-4.el5_5.2.ia64.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.ia64.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.ia64.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.ia64.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.ia64.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.ia64.rpm

ppc:
ImageMagick-6.2.8.0-4.el5_5.2.ppc.rpm
ImageMagick-6.2.8.0-4.el5_5.2.ppc64.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.ppc.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.ppc64.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.ppc.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.ppc64.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.ppc.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.ppc64.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.ppc.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.ppc64.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.ppc.rpm

s390x:
ImageMagick-6.2.8.0-4.el5_5.2.s390.rpm
ImageMagick-6.2.8.0-4.el5_5.2.s390x.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.s390.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.s390x.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.s390.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.s390x.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.s390.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.s390x.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.s390.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.s390x.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.s390x.rpm

x86_64:
ImageMagick-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-c++-devel-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-debuginfo-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.i386.rpm
ImageMagick-devel-6.2.8.0-4.el5_5.2.x86_64.rpm
ImageMagick-perl-6.2.8.0-4.el5_5.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-1882.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.