Bug 144091 - media-gfx/imagemagick: 6.2.9 fixes a ReadSGIImage() integer overflow (CVE-2006-4144)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/21462/
Whiteboard: B2 [glsa] Falco
Keywords:
Depends on:
Blocks:
 
Reported: 2006-08-16 02:57 UTC by Raphael Marichez (Falco) (RETIRED)
Modified: 2019-12-28 12:33 UTC

See Also:
Package list:
Runtime testing required: ---


Description Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-08-16 02:57:39 UTC
SA 21462

Software:	ImageMagick 6.x

Description:
Damian Put has discovered a vulnerability in ImageMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

The vulnerability is caused due to an integer overflow in the "ReadSGIImage()" function when decoding SGI image files. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into viewing a specially crafted SGI image.

Successful exploitation may allow execution of arbitrary code.

The vulnerability has been confirmed in version 6.2.6 and has also been reported in version 6.2.8. Other versions may also be affected.

Solution:
Update to version 6.2.9.
http://www.imagemagick.org/script/download.php

Provided and/or discovered by:
Damian Put

Original Advisory:
http://www.overflow.pl/adv/imsgiheap.txt
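
The bug class the advisory describes (header-controlled dimensions multiplied into an allocation size that wraps) can be shown on the SGI header layout. This is an added example, not ImageMagick's code or its 6.2.9 fix; the function names, the 256 MiB cap and both sample headers are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define SGI_HEADER_LEN 512
#define SGI_MAGIC      0x01DA
#define SGI_MAX_BYTES  ((size_t)256 * 1024 * 1024) /* assumed policy cap */

typedef struct {          /* header fields that determine the decoded size */
    uint8_t  storage;     /* 0 = verbatim, 1 = RLE */
    uint8_t  bpc;         /* bytes per channel: 1 or 2 */
    uint16_t dimension, xsize, ysize, zsize;
} sgi_header;

/* Constructed sample headers (not from the advisory); unset bytes are zero. */
const uint8_t SAMPLE_WRAP[SGI_HEADER_LEN] = {0x01,0xDA,0,1,0,3,0x80,0,0x80,0,0,4};
const uint8_t SAMPLE_OK[SGI_HEADER_LEN]   = {0x01,0xDA,0,1,0,3,0x02,0x80,0x01,0xE0,0,3};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 and fills *h, or -1 if the header is short or malformed. */
int sgi_parse_header(const uint8_t *buf, size_t len, sgi_header *h)
{
    if (len < SGI_HEADER_LEN || be16(buf) != SGI_MAGIC) return -1;
    h->storage = buf[2];
    h->bpc = buf[3];
    h->dimension = be16(buf + 4);
    h->xsize = be16(buf + 6);
    h->ysize = be16(buf + 8);
    h->zsize = be16(buf + 10);
    if (h->storage > 1 || (h->bpc != 1 && h->bpc != 2)) return -1;
    if (h->dimension < 1 || h->dimension > 3) return -1;
    if (!h->xsize || !h->ysize || !h->zsize) return -1;
    return 0;
}

/* Weak pattern: 32-bit arithmetic silently wraps for large dimensions. */
uint32_t sgi_bytes_unchecked(const sgi_header *h)
{
    return (uint32_t)h->xsize * h->ysize * h->zsize * h->bpc;
}

/* Hardened: every multiplication is checked, and the total is capped. */
int sgi_bytes_checked(const sgi_header *h, size_t *out)
{
    size_t dims[3] = { h->ysize, h->zsize, h->bpc }, n = h->xsize;
    for (int i = 0; i < 3; i++) {
        if (n > SIZE_MAX / dims[i]) return -1;   /* dims are non-zero after parsing */
        n *= dims[i];
    }
    if (n > SGI_MAX_BYTES) return -1;
    *out = n;
    return 0;
}
```

With `SAMPLE_WRAP` (32768 x 32768 x 4 channels) the unchecked size wraps to 0, so a decoder would allocate a tiny buffer and then write far past it; the checked version rejects the file before any allocation.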
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-08-16 02:58:18 UTC
Hi sekretarz, please provide a new ebuild if possible
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-09-05 10:28:40 UTC
Pulling in graphics herd for advice.
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-09-13 23:32:28 UTC
-dev mailed for assistance.
Comment 4 SpanKY gentoo-dev 2006-09-14 00:24:38 UTC
6.2.9.5 now in portage
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-09-14 03:14:56 UTC
Thx Mike for the quick bump.

Arches please test and mark 6.2.9.5 stable.

Target keywords are:

imagemagick-6.2.9.5.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ~ppc-macos ppc64 sh sparc x86 ~x86-fbsd"
Comment 6 Christian Faulhammer (RETIRED) gentoo-dev 2006-09-14 04:24:41 UTC
1) emerges fine so far
QA Notice: ECLASS 'base' inherited illegally in media-gfx/imagemagick-6.2.8.0

2) passes collision test
3) works

Portage 2.1.1 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.4-r3, 2.6.17-gentoo-r8 i686)
=================================================================
System uname: 2.6.17-gentoo-r8 i686 AMD Athlon(tm) XP 2500+
Gentoo Base System version 1.12.4
Last Sync: Thu, 14 Sep 2006 10:20:01 +0000
app-admin/eselect-compiler: [Not Present]
dev-lang/python:     2.4.3-r1
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.13-r3
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r5
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/splash /etc/terminfo"
CXXFLAGS="-O2"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache collision-protect distlocks metadata-transfer parallel-fetch sandbox sfperms strict test"
GENTOO_MIRRORS="ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo/"
LANG="de_DE@euro"
LC_ALL="de_DE@euro"
LINGUAS="de"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.informatik.rwth-aachen.de/gentoo-portage"
USE="x86 3dnow 3dnowext X Xaw3d a52 alsa arts artworkextra asf audiofile bash-completion beagle berkdb bidi bitmap-fonts bootsplash branding bzip2 cairo cdda cddb cdparanoia cdr cli cracklib crypt css cups curl custom-cflags dbus dga directfb divx4linux dlloader dri dts dvd dvdr dvdread dvi eds elibc_glibc emacs emboss encode esd evo exif expat fam fat fbcon ffmpeg firefox fortran ftp gb gcj gdbm gif gnome gpm gstreamer gtk gtk2 gtkhtml hal icq idn imagemagick imap input_devices_keyboard input_devices_mouse ipv6 isdnlog java javascript jikes jpeg jpeg2k kernel_linux ldap leim libg++ linguas_de lm_sensors mad maildir matroska mbox mikmod mime mmx mmxext mng mono mp3 mpeg mpeg2 mule nautilus ncurses nforce2 nls nocardbus nptl nptlonly nsplugin nvidia objc ogg opengl pam pcre pdf perl plotutils pmu png ppds pppd preview-latex print python qt3 qt4 quicktime readline reflection reiserfs samba sdk session slang spell spl sse ssl svg svga t1lib tcltk tcpd tetex theora thunderbird tiff truetype truetype-fonts type1-fonts udev usb userland_GNU vcd video_cards_fbdev video_cards_radeon video_cards_vesa videos vorbis win32codecs wmf wxwindows xine xml xorg xosd xv xvid zlib"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 7 Markus Rothe (RETIRED) gentoo-dev 2006-09-14 05:56:24 UTC
ppc64 stable
Comment 8 Gustavo Zacarias (RETIRED) gentoo-dev 2006-09-14 07:22:57 UTC
sparc stable.
Comment 9 Chris Gianelloni (RETIRED) gentoo-dev 2006-09-14 07:47:00 UTC
x86/amd64 done
Comment 10 Thomas Cort (RETIRED) gentoo-dev 2006-09-14 08:11:51 UTC
alpha stable.
Comment 11 Gustavo Zacarias (RETIRED) gentoo-dev 2006-09-15 11:14:45 UTC
hppa stable.
Comment 12 Gustavo Zacarias (RETIRED) gentoo-dev 2006-09-15 11:15:12 UTC
bleh silly mouse!
Comment 13 Tobias Scherbaum (RETIRED) gentoo-dev 2006-09-15 11:29:52 UTC
ppc stable
Comment 14 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-09-26 08:41:00 UTC
Thx everyone.

GLSA 200609-14

arm, ia64, mips don't forget to mark stable to benefit from the GLSA.