=========================================================== Ubuntu Security Notice USN-386-1 November 28, 2006 imagemagick vulnerability CVE-2006-5868 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: libmagick6 6:6.2.3.4-1ubuntu1.5 Ubuntu 6.06 LTS: libmagick9 6:6.2.4.5-0.6ubuntu0.4 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Daniel Kobras discovered multiple buffer overflows in ImageMagick's SGI file format decoder. By tricking a user or an automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges. Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.5.diff.gz Size/MD5: 144276 f71b4df055bac9231c6d4794256d5732 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.5.dsc Size/MD5: 899 0d1a0c35f2564b75e27af6a0a757f4c5 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4.orig.tar.gz Size/MD5: 5769194 7e9a3edd467a400a74126eb4a18e31ef amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.5_amd64.deb Size/MD5: 1334044 f1442ba90c54cfdd1dd0266828407376 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.5_amd64.deb Size/MD5: 259516 52c4772274427c11fe93dbc2ddb7445a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.5_amd64.deb Size/MD5: 171564 65bdac06e239398ee62f9ca67ce67e81 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.5_amd64.deb Size/MD5: 1671240 27f858940a212d836d37f197e1d558a7 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.5_amd64.deb Size/MD5: 1320974 c92c95369bd473aacb1741aa986df746 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.5_amd64.deb Size/MD5: 169642 7a89a61459b01be5af738d7694b6977c i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.5_i386.deb Size/MD5: 1333074 ea2b1d5399c1a419ed9267f3ac8ec3e4 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.5_i386.deb Size/MD5: 236018 c3b15c5532ce75a066bd7acb21053d42 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.5_i386.deb Size/MD5: 170892 9bb90b14ddfe5b083402b55220523ae7 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.5_i386.deb Size/MD5: 1522170 254d36fb51155e07a65cf50f601fb90e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.5_i386.deb Size/MD5: 1224904 55afca2d998171a389b0f485660361ab http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.5_i386.deb Size/MD5: 164948 c366d85731e2bfe7e7d7d89586c094f6 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.5_powerpc.deb Size/MD5: 1338026 a2df1ca024545fe1063712634f2fe411 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.5_powerpc.deb Size/MD5: 260500 65b4ac7834603aef286b67c2bb3909e1 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.5_powerpc.deb Size/MD5: 164128 e5994c1f4c2820c2ce1fbb181cc608da http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.5_powerpc.deb Size/MD5: 1874614 5e3a953a21b30afd852e0e3d4f847329 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.5_powerpc.deb Size/MD5: 1258432 3e2222299d98ae6b102fa55f4f2879a7 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.5_powerpc.deb Size/MD5: 164090 419ffc1569e88008d0ce592d84fd09f0 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.5_sparc.deb Size/MD5: 1333274 89495b2b8d2a0ccda003983c7aa4f6db http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.5_sparc.deb Size/MD5: 237160 0fa436044e24fbd7fd46668adf54d4d8 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.5_sparc.deb Size/MD5: 169068 21ddda496ae6571fd253f620c1f413ff http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.5_sparc.deb Size/MD5: 1782496 c334cad8f7c7c61261e3b6f260f5642b http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.5_sparc.deb Size/MD5: 1324138 7964183b384bb4499af877946ca17617 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.5_sparc.deb Size/MD5: 166410 9b29cba341a3c614306c5cf79fdf6a32 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.4.diff.gz Size/MD5: 35503 22a98409b1626040601ef609b2422565 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.4.dsc Size/MD5: 914 ce09e6ff2f5312abe01eb8c2519ba982 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.orig.tar.gz Size/MD5: 6085147 8d790a280f355489d0cfb6d36ce6751f amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.4_amd64.deb Size/MD5: 1616098 5aff32ee6d06a4ffae450b8e24d72cab http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.4_amd64.deb Size/MD5: 249280 e479fe98f23010e188aa4223d95a74e1 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.4_amd64.deb Size/MD5: 170144 4f476605b89a199ac213167dd1d5477e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.4_amd64.deb Size/MD5: 1702592 0dac576b130935bca9cb63b6c73a38a9 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.4_amd64.deb Size/MD5: 1347986 2aeafd90dcb307d49aeac231dcbcef66 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.4_amd64.deb Size/MD5: 171946 ca96ca3cfec1dc1bd78e45f3b198f88d i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.4_i386.deb Size/MD5: 1614892 7ddc2989b4ebf3841fa9e06f2d7794a7 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.4_i386.deb Size/MD5: 227128 ca9829f99fd35e1f8fbe1344d2cbabc7 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.4_i386.deb Size/MD5: 168498 23d8ffe52e57c13a20cc1aecc08a439e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.4_i386.deb Size/MD5: 1555966 bd23debc4d7803cf8b2ab5ead32e4d7b http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.4_i386.deb Size/MD5: 1247120 2c59b3f89970d4c77312948a30ebaa12 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.4_i386.deb Size/MD5: 167310 a9ed294c57834eb2228ea32b85af28eb powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.4_powerpc.deb Size/MD5: 1619732 97cb89c8ce5e0e8378a29434f93c725e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.4_powerpc.deb Size/MD5: 251472 7ff2a19b6112bdf2341ad83b6c8180d7 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.4_powerpc.deb Size/MD5: 162446 19ceac2db725b255eb53cfef09122732 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.4_powerpc.deb Size/MD5: 1905982 dd93d9deb2d3c73df4a99f26e2b38cb8 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.4_powerpc.deb Size/MD5: 1283844 c74d5c533e5473fa2f7355f006786ad4 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.4_powerpc.deb Size/MD5: 166318 06e8b7a4327f7c8b916c8a1ddbed28b6 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.4_sparc.deb Size/MD5: 1615414 01bb86d55782b5fd8740374c9e591f8d http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.4_sparc.deb Size/MD5: 229276 08e0696804312268381fb7ff9d68a567 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.4_sparc.deb Size/MD5: 167300 92fb400448110ffa689136e60c8e42d1 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.4_sparc.deb Size/MD5: 1807446 be2efd78d9b95b8610e40efa51068589 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.4_sparc.deb Size/MD5: 1343858 df210de3e91f2391b5a811b896266a3a http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.4_sparc.deb Size/MD5: 169028 370a73f08c265367fb29e86cdc2139b0
Attachment:
signature.asc
Description: Digital signature