Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 62309

Summary: media-gfx/imagemagick: BMP buffer overrun
Product: Gentoo Security Reporter: Matthias Geerdsen (RETIRED) <vorlon>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: graphics+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002011.html
Whiteboard: B2 [glsa] chriswhite
Package list:
Runtime testing required: ---
Bug Depends on: 62229    
Bug Blocks:    

Description Matthias Geerdsen (RETIRED) gentoo-dev 2004-08-30 16:13:37 UTC 
From the imagemagick-developer mailing list (http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002011.html):

Marcus Meissner of Suse has discovered and patched a buffer overrun
bug associated with decoding runlength-encoded BMP images.  Since this
could permit a security exploit, a new release with the this bug fixed
is scheduled for release later today.  Look for ImageMagick 6.0.6 at
ftp://ftp.imageMagick.org/pub/ImageMagick by 5PM EST.  It is recommended
that all ImageMagick 6.0.? users upgrade.  We will also release
ImageMagick 5.5.7-27 with the same patch for users of the 5.5.7 series.

Thanks to Marcus Meissner and Suse for bringing this exploit to our
attention.

__________

and 
(http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002012.html)

Correction, that would be ImageMagick 5.5.7-28.

__________

see also bug #62229
Comment 1 Chris White (RETIRED) gentoo-dev 2004-08-30 16:31:36 UTC 
Graphics herd:

ImageMagick 6.0.6 released.

Security team:

not a lot of details as to what the vuln is, I'll try and see what I can
come up with later.  Blank whiteboard for now.
Comment 2 Joshua J. Berry (CondorDes) (RETIRED) gentoo-dev 2004-08-30 17:18:11 UTC 
ChrisWhite asked me to look at this one briefly ... I'm going to be paranoid and mark it a B2 because it's not clear whether or not there is an ACE ("arbitrary code execution") problem.  I skimmed bmp.c in the ImageMagick code, and I didn't see anything that looked obviously ACEish.

We should perhaps send an email to upstream asking for more info.
Comment 3 Matthias Geerdsen (RETIRED) gentoo-dev 2004-08-31 02:25:32 UTC 
submitted to OSVDB:
http://www.osvdb.org/displayvuln.php?osvdb_id=9378
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2004-09-03 07:08:28 UTC 
Graphics herd please bump ImageMagick to 6.0.6.
Comment 5 Karol Wojtaszek (RETIRED) gentoo-dev 2004-09-06 06:26:04 UTC 
I've just added Imagemagick-6.0.7.1 to portage.
Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-09-06 07:30:27 UTC 
Reopening to mark stable.

Arches please mark Imagemagick-6.0.7.1 stable.
Comment 7 Gustavo Zacarias (RETIRED) gentoo-dev 2004-09-06 08:55:51 UTC 
sparc stable.
Comment 8 Danny van Dyk (RETIRED) gentoo-dev 2004-09-06 09:35:59 UTC 
Aliz already marked stable on amd64.
Comment 9 Daniel Ahlberg (RETIRED) gentoo-dev 2004-09-06 10:41:38 UTC 
Stable on amd64
Comment 10 Olivier Crete (RETIRED) gentoo-dev 2004-09-07 14:09:16 UTC 
stable on x86
Comment 11 Bryan Østergaard (RETIRED) gentoo-dev 2004-09-07 18:06:40 UTC 
Stable on alpha.
Comment 12 SpanKY gentoo-dev 2004-09-07 20:56:54 UTC 
ppc stable
Comment 13 Thierry Carrez (RETIRED) gentoo-dev 2004-09-08 02:11:39 UTC 
GLSA 200409-12
hppa,mips,ppc64 : mark stable to benefit from GLSA
Comment 14 SpanKY gentoo-dev 2004-09-08 20:00:49 UTC 
hmm, i already had pushed hppa to stable, just forgot to comment :)
Comment 15 Tom Gall (RETIRED) gentoo-dev 2004-10-09 20:45:43 UTC 
stable on ppc64, thanks!
Comment 16 Tom Gall (RETIRED) gentoo-dev 2004-10-09 20:55:20 UTC 
oops forgot to remove ppc64
Comment 17 Hardave Riar (RETIRED) gentoo-dev 2004-10-17 01:32:14 UTC 
Stable on mips.