An ImageMagick security update is available for Red Hat Enterprise Linux 2.1 and 3

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: ImageMagick security update
Advisory ID: RHSA-2005:070-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-070.html
Issue date: 2005-03-23
Updated on: 2005-03-23
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-0005 CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0761 CAN-2005-0762
----------------------------------------------------------------------

1. Summary:

Updated ImageMagick packages that fix a heap-based buffer overflow are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

ImageMagick is an image display and manipulation tool for the X Window System.

Andrei Nigmatulin discovered a heap-based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0005 to this issue.

A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code on a victim's machine if they were able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue.

A bug was found in the way ImageMagick handles TIFF tags. It is possible that a TIFF image file with an invalid tag could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0759 to this issue.

A bug was found in ImageMagick's TIFF decoder. It is possible that a specially crafted TIFF image file could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0760 to this issue.

A bug was found in the way ImageMagick parses PSD files. It is possible that a specially crafted PSD file could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0761 to this issue.

A heap overflow bug was found in ImageMagick's SGI parser. It is possible that an attacker could execute arbitrary code by tricking a user into opening a specially crafted SGI image file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0762 to this issue.

Users of ImageMagick should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/
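As an added example that is not part of the advisory, the following POSIX shell check decides whether an installed ImageMagick package is at or above the release this erratum ships: 5.3.8-10 for the 2.1 products and 5.5.6-13 for the 3 products, read off the package names in section 6. The rpm invocations appear only in comments and assume rpm is available on the host; the version strings passed to the functions are constructed samples so the script runs offline.

```shell
#!/bin/sh
# Added example, not from the advisory: decide whether an installed
# ImageMagick package is at or above the release fixed by RHSA-2005:070.
# Fixed version-release per product line, read off the SRPMS names in section 6.
fixed_for_release() {
    case "$1" in
        2.1) echo "5.3.8-10" ;;   # RHEL AS/ES/WS 2.1, Advanced Workstation 2.1
        3)   echo "5.5.6-13" ;;   # RHEL AS/ES/WS 3, Red Hat Desktop 3
        *)   return 1 ;;          # product line not covered by this erratum
    esac
}

# Three-way compare of two "X.Y.Z-R" strings, segment by segment and
# numerically, so that 5.5.6-9 sorts below 5.5.6-13. Prints -1, 0 or 1.
vercmp() {
    a=$(printf '%s\n' "$1" | sed 's/[.-]/ /g')
    b=$(printf '%s\n' "$2" | sed 's/[.-]/ /g')
    i=1
    while :; do
        x=$(printf '%s\n' "$a" | cut -d' ' -f"$i")
        y=$(printf '%s\n' "$b" | cut -d' ' -f"$i")
        [ -z "$x" ] && [ -z "$y" ] && { printf '0\n'; return 0; }
        x=${x:-0}; y=${y:-0}      # a missing trailing segment counts as 0
        [ "$x" -lt "$y" ] && { printf '%s\n' -1; return 0; }
        [ "$x" -gt "$y" ] && { printf '1\n'; return 0; }
        i=$((i + 1))
    done
}

# Exit 0 when the installed "V-R" ($1) is at or above the fix for product
# line $2 ("2.1" or "3"); exit 2 for a product line this erratum does not cover.
is_fixed() {
    fixed=$(fixed_for_release "$2") || return 2
    [ "$(vercmp "$1" "$fixed")" -ge 0 ]
}

# On a real host the installed value would come from rpm (assumed available):
#   installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' ImageMagick)
# and each downloaded package would be signature-checked before installation:
#   rpm -K ImageMagick-5.5.6-13.i386.rpm
check_host() {
    if is_fixed "$1" "$2"; then
        echo "ImageMagick $1 on product line $2: fixed by RHSA-2005:070"
    else
        echo "ImageMagick $1 on product line $2: VULNERABLE, apply the erratum"
        return 1
    fi
}
# Usage: sh check.sh 5.5.6-12 3   (constructed sample, one release behind the fix)
if [ -n "${1:-}" ]; then check_host "$1" "${2:-3}"; fi
```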

5. Bug IDs fixed (http://bugzilla.redhat.com/):

145111 - CAN-2005-0005 buffer overflow in ImageMagick
150185 - CAN-2005-0397 ImageMagick format string flaw
150312 - CAN-2005-0759 Denial of Service in .tiff images with invalid TAG
150315 - CAN-2005-0760 Accessing memory outside of image during decoding of TIFF
150323 - CAN-2005-0761 Bug in parsing PSD files
150327 - CAN-2005-0762 Buffer overflow in SGI parser

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.