Bug#: 83542
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Tavis Ormandy (RETIRED) <taviso@gentoo.org>
Filename Description Type Creator Created Size
imagick-6.1.8-filename-format-string.diff filename handling format string patch patch Tavis Ormandy (RETIRED) 2005-03-01 02:20 0000 562 bytes
imagemagick_formatstring_new.diff imagemagick_formatstring_new.diff patch Thierry Carrez (RETIRED) 2006-01-04 06:33 0000 834 bytes


Description:   Opened: 2005-02-28 04:55 0000
there's a problem handling filenames in imagemagick, this could potentially
cause problems in webapps that use the utilities (mediawiki, gallery, etc).

I reported the problem (in SetImageInfo()) upstream who say a fix will be
present in 6.2.0-3.

eg, 
convert /dev/null %n
convert /dev/null "%.03%hn%hn:%x%x%"
etc.


Reproducible: Always
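
The bug class reported above, shown next to a hardened form. This is an added example, not code from the bug report, from the attached patches or from ImageMagick; `expand_scene_name` is a hypothetical helper, and it assumes an output filename may legitimately carry a single `%d`-style scene-number specifier.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Bug class, shown as a comment for contrast: the caller-supplied filename is
 * the format string, so %n, %hn and %x in it are interpreted:
 *     snprintf(out, len, filename, scene);
 */
/* Hardened form (hypothetical helper): honours one %d or %0Nd scene-number
 * specifier and copies every other byte literally. Returns 0 on success,
 * -1 if the result does not fit in out. */
int expand_scene_name(char *out, size_t len, const char *name, int scene)
{
    size_t o = 0;
    int used = 0;
    if (len == 0)
        return -1;
    while (*name != '\0') {
        if (*name == '%' && !used) {
            const char *q = name + 1;
            int zero = 0, width = 0, digits = 0;
            if (*q == '0') { zero = 1; q++; }
            for (; isdigit((unsigned char)*q) && digits < 2; digits++)
                width = width * 10 + (*q++ - '0');
            if (*q == 'd') {
                /* The format is a literal; only width and scene vary. */
                int n = snprintf(out + o, len - o, zero ? "%0*d" : "%*d",
                                 width, scene);
                if (n < 0 || (size_t)n >= len - o)
                    return -1;
                o += (size_t)n;
                name = q + 1;
                used = 1;
                continue;
            }
        }
        if (o + 1 >= len)
            return -1;
        out[o++] = *name++;   /* literal byte, including any stray '%' */
    }
    out[o] = '\0';
    return 0;
}

int main(void)
{
    char buf[64];  /* constructed input: second filename from the report */
    if (expand_scene_name(buf, sizeof buf, "%.03%hn%hn:%x%x%", 7) == 0) puts(buf);
    return 0;
}
```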

------- Comment #1 From Tavis Ormandy (RETIRED) 2005-03-01 02:20:39 0000 -------
Created an attachment (id=52363) [details]
filename handling format string patch

oneliner patch for image magick filename handling issue.

------- Comment #2 From Thierry Carrez (RETIRED) 2005-03-02 08:56:08 0000 -------
Graphics team, please bump to 6.2.0-3 or apply provided patch to current.

------- Comment #3 From solar 2005-03-02 09:26:21 0000 -------
This will be CAN-2005-0397

------- Comment #4 From Karol Wojtaszek (RETIRED) 2005-03-02 15:09:51 0000 -------
Imagemagick and perlmagick bumped to 6.0.2.4.
***Please, update keywords of dev-perl/perlmagick to match imagemagick***

------- Comment #5 From Sune Kloppenborg Jeppesen 2005-03-02 22:30:20 0000 -------
sekretarz I presume you mean 6.2.0.4:-)

Arches please test and mark imagemagick and perlmagick stable.

------- Comment #6 From Karol Wojtaszek (RETIRED) 2005-03-02 22:38:49 0000 -------
yeah, sorry, bumped to 6.2.0.4, of course ;)

------- Comment #7 From Gustavo Zacarias (RETIRED) 2005-03-03 06:49:10 0000 -------
sparc stable.

------- Comment #8 From Jan Brinkmann (RETIRED) 2005-03-03 06:52:13 0000 -------
stable on amd64

------- Comment #9 From Markus Rothe 2005-03-03 09:01:00 0000 -------
stable on ppc64

------- Comment #10 From Michael Hanselmann (hansmi) (RETIRED) 2005-03-03 13:45:30 0000 -------
Stable on ppc.

------- Comment #11 From Olivier Crete 2005-03-05 22:44:30 0000 -------
x86 stable

------- Comment #12 From Bryan Østergaard (RETIRED) 2005-03-06 01:30:51 0000 -------
Alpha stable.

------- Comment #13 From Thierry Carrez (RETIRED) 2005-03-06 05:08:29 0000 -------
GLSA 200503-11
hppa, ia64, mips: please mark stable to benefit from GLSA

------- Comment #14 From Hardave Riar (RETIRED) 2005-03-13 14:49:23 0000 -------
Stable on mips.

------- Comment #15 From René Nussbaumer 2005-06-26 06:00:29 0000 -------
Already stable on hppa

------- Comment #16 From Thierry Carrez (RETIRED) 2006-01-04 06:33:00 0000 -------
Debian says the patch is not sufficient.
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876

Tavis, your opinion ?

------- Comment #17 From Thierry Carrez (RETIRED) 2006-01-04 06:33:34 0000 -------
Created an attachment (id=76159) [details]
imagemagick_formatstring_new.diff

New proposed patch, from Debian

------- Comment #18 From Thierry Carrez (RETIRED) 2006-01-04 08:08:40 0000 -------
graphics, please repatch ?

------- Comment #19 From Thierry Carrez (RETIRED) 2006-01-05 00:44:57 0000 -------
*** Bug 117843 has been marked as a duplicate of this bug. ***

------- Comment #20 From Thierry Carrez (RETIRED) 2006-01-05 01:14:45 0000 -------
New one is CVE-2006-0082

------- Comment #21 From Thierry Carrez (RETIRED) 2006-01-12 08:24:20 0000 -------
Anyone in graphics herd ?

------- Comment #22 From Karol Wojtaszek (RETIRED) 2006-01-18 12:28:22 0000 -------
I checked imagemagick-6.2.5.5 code and I think that they fixed this flaw. They
didn't apply patch from debian but current code doesn't expand % chars. I
advise to push imagemagick-6.2.5.5 stable.

------- Comment #23 From Sune Kloppenborg Jeppesen 2006-01-30 13:40:38 0000 -------
Calling arches _very_ late.

------- Comment #24 From Markus Rothe 2006-01-30 14:18:27 0000 -------
stable on ppc64

------- Comment #25 From Patrick McLean 2006-01-30 20:22:16 0000 -------
stable on amd64

------- Comment #26 From Joshua Jackson 2006-01-30 21:12:26 0000 -------
x86 stable

------- Comment #27 From René Nussbaumer 2006-01-31 01:37:39 0000 -------
Stable on hppa

------- Comment #28 From Tobias Scherbaum 2006-01-31 07:04:25 0000 -------
ppc stable

------- Comment #29 From Gustavo Zacarias (RETIRED) 2006-01-31 09:05:16 0000 -------
sparc stable.

------- Comment #30 From Jose Luis Rivero (yoswink) 2006-01-31 18:35:06 0000 -------
stable on alpha

------- Comment #31 From Stefan Cornelius (RETIRED) 2006-02-01 06:53:36 0000 -------
ready for glsa

------- Comment #32 From Thierry Carrez (RETIRED) 2006-02-13 12:40:59 0000 -------
GLSA 200602-06
arm and mips should mark stable to benefit from GLSA

------- Comment #33 From Joshua Kinard 2006-09-03 22:21:21 0000 -------
6.2.8.0 stable on mips (took us long enough I guess....)
