=========================================================== Ubuntu Security Notice USN-337-1 August 16, 2006 imagemagick vulnerability CVE-2006-4144 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libmagick6 6:6.0.6.2-2.1ubuntu1.3 Ubuntu 5.10: libmagick6 6:6.2.3.4-1ubuntu1.2 Ubuntu 6.06 LTS: libmagick9 6:6.2.4.5-0.6ubuntu0.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking an user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.3.diff.gz Size/MD5: 142677 fd571adfe56408f991b2c816017cf99a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.3.dsc Size/MD5: 899 03499d79b2598188aeed4d675a781621 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2.orig.tar.gz Size/MD5: 6824001 477a361ba0154cc2423726fab4a3f57c amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.3_amd64.deb Size/MD5: 1466446 951c781851cb2023629084c320f27f31 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.6.2-2.1ubuntu1.3_amd64.deb Size/MD5: 228950 2ae0b0323dd8d49423ccc99d5293509f http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.6.2-2.1ubuntu1.3_amd64.deb Size/MD5: 163766 32b42d2a5886308665b81757e7cc9fea http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.6.2-2.1ubuntu1.3_amd64.deb Size/MD5: 1550996 b8c5784d2a408c51976a51efb64b91cb http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.6.2-2.1ubuntu1.3_amd64.deb Size/MD5: 1195008 3a44a8aa41e632c0165bb92417ec8e8e http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.6.2-2.1ubuntu1.3_amd64.deb Size/MD5: 231998 fb35a4c87a61fd940bad44e1ac252bc6 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.3_i386.deb Size/MD5: 1465132 ac647b62c6e5f9e34771c53ea4f95b3a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.6.2-2.1ubuntu1.3_i386.deb Size/MD5: 209004 090e70f26210c13b757f22e92b4a7715 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.6.2-2.1ubuntu1.3_i386.deb Size/MD5: 164444 028ef96e5345d9ff5076ffdca282f7cf http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.6.2-2.1ubuntu1.3_i386.deb Size/MD5: 1453742 f22685b0fa9c4a95c75c18e86da2f6f7 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.6.2-2.1ubuntu1.3_i386.deb Size/MD5: 1140388 23dee77028dcadda74f88e593f74667f http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.6.2-2.1ubuntu1.3_i386.deb Size/MD5: 232380 2069490a09127e7716e07db3388fcd5e powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.3_powerpc.deb Size/MD5: 1471902 e0e5b999a4855b1e68025ea1ae0ed6bd http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.6.2-2.1ubuntu1.3_powerpc.deb Size/MD5: 227950 c9b575d8457e3959ddba0dd10702c6c4 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.6.2-2.1ubuntu1.3_powerpc.deb Size/MD5: 156916 de040332421f78eb8b9ce9990d9bef6e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.6.2-2.1ubuntu1.3_powerpc.deb Size/MD5: 1685878 d5aebf65a7ae1e6281ccad831c0a7e4c http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.6.2-2.1ubuntu1.3_powerpc.deb Size/MD5: 1169788 b5defbd03f07d943029244120ae3c2d0 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.6.2-2.1ubuntu1.3_powerpc.deb Size/MD5: 270738 60bc3332ec1b6c371e0fa38798968776 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.2.diff.gz Size/MD5: 142085 7b973398b10d82e4fdb7be54445622e4 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.2.dsc Size/MD5: 899 2f7b1b60ea31054cf86e1accd4a8c535 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4.orig.tar.gz Size/MD5: 5769194 7e9a3edd467a400a74126eb4a18e31ef amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.2_amd64.deb Size/MD5: 1333828 402c5bb86216403a41d90eb3f50c3f9e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.2_amd64.deb Size/MD5: 259204 19feb46464c2e7767a93e0718ece6b5e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.2_amd64.deb Size/MD5: 171276 397c42b13ca901fbc8206a658d9e1b0b http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.2_amd64.deb Size/MD5: 1670248 a58147070a17de32543ea27e86296c97 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.2_amd64.deb Size/MD5: 1320174 66faa4b1c3a5d728d5452cdf8cab677d http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.2_amd64.deb Size/MD5: 169260 7414698558a84813a6eb8adc6a6a9ff1 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.2_i386.deb Size/MD5: 1332758 331c360e7294118a3050b6c580f239d2 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.2_i386.deb Size/MD5: 235606 77a528c49d267b58012325b95b95523a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.2_i386.deb Size/MD5: 170498 75d10d65910d7e9d3154055e3c4eb1c9 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.2_i386.deb Size/MD5: 1521498 dd23d471046d8f8b982a449855128451 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.2_i386.deb Size/MD5: 1223932 a1e841bb95b79a0631f85fc1a4417b8d http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.2_i386.deb Size/MD5: 164586 ca6858f8f25c20cf595ba5c67ec5e457 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.2_powerpc.deb Size/MD5: 1337520 21e4af590f132720b28fbb7801ca438c http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.2_powerpc.deb Size/MD5: 260106 09071a2b088d7bc3b1dae6fc1aff1853 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.2_powerpc.deb Size/MD5: 163746 fdbd89a612677917ce7aa593496732ce http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.2_powerpc.deb Size/MD5: 1873692 cea3f005f04ccdca23794df31635eef6 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.2_powerpc.deb Size/MD5: 1257712 6ffa12effbf8a79609eb8a607ed17011 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.2_powerpc.deb Size/MD5: 163730 001f9604308b314a0b73ef292ab46c67 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.2_sparc.deb Size/MD5: 1332974 3cf85ba36a8ff1a29cf4ed8291e1c6c8 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.2_sparc.deb Size/MD5: 236742 51e90aed374892c075b71ccc8c190d8e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.2_sparc.deb Size/MD5: 168570 df4a23e51a57e81c720780cef8008c42 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.2_sparc.deb Size/MD5: 1781720 2c6e2b5d2a4cb72fb48ee43b006f6a80 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.2_sparc.deb Size/MD5: 1323248 820b125811aceb6254c91619ccee28da http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.2_sparc.deb Size/MD5: 166050 52e45dbd665d7cfa99c86751074fb6bf Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.1.diff.gz Size/MD5: 33405 9a7333ad2f858b0f4083454bea41fd29 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.1.dsc Size/MD5: 916 d13b569997564965e8a38027d6a0baad http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.orig.tar.gz Size/MD5: 6085147 8d790a280f355489d0cfb6d36ce6751f amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.1_amd64.deb Size/MD5: 1615680 69c1b5e2a368a2815bbea930c6b16252 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.1_amd64.deb Size/MD5: 249044 32d1db6495f67b72a0677045e78ffe1e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.1_amd64.deb Size/MD5: 169968 a6d4579db19d4071a9a1fe0f34bc3c72 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.1_amd64.deb Size/MD5: 1701710 8c21c485e94c8d81825afc4ef7a818f2 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.1_amd64.deb Size/MD5: 1347256 7230a771c47d3c6fa10badb9a73c78f4 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.1_amd64.deb Size/MD5: 171570 ec88df84e25772a2ce62072c69804f59 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.1_i386.deb Size/MD5: 1614438 a5cf3ad68425e26344c2f19641bcbc60 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.1_i386.deb Size/MD5: 226744 fb3b93cdadc5780e22e7236d7ccac921 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.1_i386.deb Size/MD5: 167962 9345792bd76fd8424d6f89a58a9097a0 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.1_i386.deb Size/MD5: 1555220 2d9570bf3abc226ca92897cdef24705e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.1_i386.deb Size/MD5: 1246256 d914887f1bb4288e002a0b511067f235 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.1_i386.deb Size/MD5: 166952 93f3889de4c7b8fbc4ba54ba27287e28 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.1_powerpc.deb Size/MD5: 1619400 65c17bd1137517aa5e5a0f26d78647ba http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.1_powerpc.deb Size/MD5: 251182 72a7340ebe060b2f629b77ce2c04cbee http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.1_powerpc.deb Size/MD5: 162052 f66d02bdcc0a0192f904d6eb3ab3572a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.1_powerpc.deb Size/MD5: 1905114 c35174459aac69cbb71d940aefad7907 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.1_powerpc.deb Size/MD5: 1283172 78487bcc3bdcf4fbdf6b5f79ede47b22 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.1_powerpc.deb Size/MD5: 165948 d1571d99fc1d4409654d6593d9d1b53b sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.1_sparc.deb Size/MD5: 1615006 5df74bd1f2cb4b95d3678cc002147b60 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.1_sparc.deb Size/MD5: 228940 446764f3422c267060b1641ba3d8c283 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.1_sparc.deb Size/MD5: 166876 443b722a2b9611bc56c80837b2f136a5 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.1_sparc.deb Size/MD5: 1807002 1a8632bec32036edf891741a4d74e73e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.1_sparc.deb Size/MD5: 1342918 0dfb85040b849e217481b73f3a7fd071 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.1_sparc.deb Size/MD5: 168660 64db6bc04cb5ca2f73988d1670a9193e
Attachment:
signature.asc
Description: Digital signature