Linux Security
    Linux Security
    Linux Security

    Debian: ImageMagick fix arbitrary code execution DSA-646-1

    Date
    7099
    Posted By
    Andrei Nigmatulin discovered a buffer overflow in the PSD image-decoding module of ImageMagick, a commonly used image manipulation library. Remote exploition with a carefully crafted image could lead to the execution of arbitrary code.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 646-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                             Martin Schulze
    January 19th, 2005                      https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : imagemagick
    Vulnerability  : buffer overflow
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CAN-2005-0005
    
    Andrei Nigmatulin discovered a buffer overflow in the PSD
    image-decoding module of ImageMagick, a commonly used image
    manipulation library.  Remote exploition with a carefully crafted
    image could lead to the execution of arbitrary code.
    
    For the stable distribution (woody) this problem has been fixed in
    version 5.4.4.5-1woody5.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 6.0.6.2-2.
    
    We recommend that you upgrade your imagemagick packages.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5.dsc
          Size/MD5 checksum:      852 7ca6886f64037e980060508a770bd777
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5.diff.gz
          Size/MD5 checksum:    15619 4b8192231c8975e0f83bab0bdee0f25a
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5.orig.tar.gz
          Size/MD5 checksum:  3901237 f35e356b4ac1ebc58e3cffa7ea7abc07
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_alpha.deb
          Size/MD5 checksum:  1309882 ddc9e1e57e1733ba68898c4d78d11ff2
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_alpha.deb
          Size/MD5 checksum:   154212 c0cb6e3b81807a9ea8b6fcf1b3d3403e
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_alpha.deb
          Size/MD5 checksum:    56326 883322541fe624e48bd4d2f579090d27
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_alpha.deb
          Size/MD5 checksum:   833384 4a6b6198ca41453dd989e65f68d7d3be
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_alpha.deb
          Size/MD5 checksum:    67370 a7487a31ee8afcf6e8dbc942d9eb7226
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_alpha.deb
          Size/MD5 checksum:   113864 815d027cfec793000bb6eafd54b6c6d4
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_arm.deb
          Size/MD5 checksum:  1297154 08cf4503548d7b4f594b19dbbbc9b620
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_arm.deb
          Size/MD5 checksum:   118778 7ea1c8496ba2f9b10e173136d7646b19
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_arm.deb
          Size/MD5 checksum:    56372 5b58a6cfa9f0585b7dbcb2a6a079f5bb
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_arm.deb
          Size/MD5 checksum:   898716 4cbae243299cab78d9c7189d57b5f5e5
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_arm.deb
          Size/MD5 checksum:    67398 9f7051f05c9f6339f29c814e6800c5a8
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_arm.deb
          Size/MD5 checksum:   109992 feded00d7fa37064e447fd140a06b861
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_i386.deb
          Size/MD5 checksum:  1295194 4c860486ff0284c0f3a02e6db73d2729
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_i386.deb
          Size/MD5 checksum:   122838 1fa97dc730589c4d2405cfb1daf65d58
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_i386.deb
          Size/MD5 checksum:    56348 f6f1831bc53050fed4be4a779f617d85
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_i386.deb
          Size/MD5 checksum:   772594 bc095d6fc212c57e76682d2e908e645f
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_i386.deb
          Size/MD5 checksum:    67380 77bbc19b74af8f4ec6a423ca2cb8519f
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_i386.deb
          Size/MD5 checksum:   106994 893011a405b1e248c75f9c2e2e43cdf6
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_ia64.deb
          Size/MD5 checksum:  1336218 0da64c0ceb2ae9c2841ce4686c81ebbf
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_ia64.deb
          Size/MD5 checksum:   137108 a2353ec66b50f90e3738aedde81e5093
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_ia64.deb
          Size/MD5 checksum:    56312 044edaa6a7185e0e26a98a90748f1a7b
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_ia64.deb
          Size/MD5 checksum:  1360062 471ec0c40753bb7eac7e45385b0c96f0
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_ia64.deb
          Size/MD5 checksum:    67354 17efc0247ef95e3c38d170ed2f61a743
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_ia64.deb
          Size/MD5 checksum:   132964 bacf380322370e7ced619ca4c76388f0
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_hppa.deb
          Size/MD5 checksum:  1297430 d70abbbe6d475d60fc2a34e2778c12f2
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_hppa.deb
          Size/MD5 checksum:   132930 fedc55e4a005b28e00b54c993887e209
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_hppa.deb
          Size/MD5 checksum:    56362 8ec84f2f0a57a4c7f4289a652a4528ba
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_hppa.deb
          Size/MD5 checksum:   859932 43a200eb3b9a70b8de1227e99820fb01
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_hppa.deb
          Size/MD5 checksum:    67394 b1d4e146818947a44af16f15a1451a18
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_hppa.deb
          Size/MD5 checksum:   117242 fc089bd83662c0fcc49cc0b569bb1c30
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_m68k.deb
          Size/MD5 checksum:  1292622 a87e2eb868de28f78bf59d001468aedb
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_m68k.deb
          Size/MD5 checksum:   134082 9ea7de99c48a5dc768fa8224aa0238d5
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_m68k.deb
          Size/MD5 checksum:    56392 c2059fc2455faa9c1d0a2f6f95fe5ba7
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_m68k.deb
          Size/MD5 checksum:   751912 e80a1f4e2544d275fda1551b57d0246a
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_m68k.deb
          Size/MD5 checksum:    67420 db7a3156415f665889b025a154e2e9f5
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_m68k.deb
          Size/MD5 checksum:   107482 54a1926ff755f825afa4b89efbadfd76
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_mips.deb
          Size/MD5 checksum:  1294936 67ca29a49ab0c8e515e4810ece9ab409
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_mips.deb
          Size/MD5 checksum:   120352 99578089369ea2a003d0a56aec6d34b2
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_mips.deb
          Size/MD5 checksum:    56362 98ecbc125c9451d9e885bb325997a73b
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_mips.deb
          Size/MD5 checksum:   733120 641218d8281d38b3b55fb6d787e68760
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_mips.deb
          Size/MD5 checksum:    67404 3d0714b089cd5de5e4471aaf760a831e
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_mips.deb
          Size/MD5 checksum:   103404 1517f93c042c60907d9bcc98ab7a70c8
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_mipsel.deb
          Size/MD5 checksum:  1294920 a4ecbf6a8abbd0e18e0b3c2d896e2dcc
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_mipsel.deb
          Size/MD5 checksum:   113950 5cfad22c7d0beec13255e148ca11783d
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_mipsel.deb
          Size/MD5 checksum:    56390 599616ef7a5869f65f65d4e1a493160c
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_mipsel.deb
          Size/MD5 checksum:   721098 084defe73c73603e61b69419e1374f8e
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_mipsel.deb
          Size/MD5 checksum:    67414 1e8aa5e91cf61883a0c046f2d734c12c
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_mipsel.deb
          Size/MD5 checksum:   102940 78c33b91bf9214e4caaa39eaf0679df7
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_powerpc.deb
          Size/MD5 checksum:  1291544 7b362ea5200d9f6e9d2721cd94f2c0d0
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_powerpc.deb
          Size/MD5 checksum:   135970 01a05f7cd212b3fa7ed76c0a0525c7b3
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_powerpc.deb
          Size/MD5 checksum:    56354 07ec4a9182761c19fd19090d0fdcaa04
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_powerpc.deb
          Size/MD5 checksum:   786292 5415dfec8fbed3256fd306a727408d15
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_powerpc.deb
          Size/MD5 checksum:    67400 644db38acce431e9b42baf87691232d7
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_powerpc.deb
          Size/MD5 checksum:   111994 9723784a9a5d0da539449356f2437dbb
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_s390.deb
          Size/MD5 checksum:  1292246 2f71ab873e1756bd046a2321835a94b4
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_s390.deb
          Size/MD5 checksum:   132088 7d757d128832809a4d151013bb5cd488
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_s390.deb
          Size/MD5 checksum:    56364 375a050c6067239cdc4bbf6effca8132
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_s390.deb
          Size/MD5 checksum:   778100 e5185091f6cd9e27d71580fb38fc8690
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_s390.deb
          Size/MD5 checksum:    67390 26dc5601e55ead50a24df92aa115e44e
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_s390.deb
          Size/MD5 checksum:   109050 4c65dcbf5625457c3fe1aa91f6664045
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody5_sparc.deb
          Size/MD5 checksum:  1295258 21cd0e05b94c92089329dd5668835e0d
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody5_sparc.deb
          Size/MD5 checksum:   123926 2555c9f3c2b04fb3158ba1013b66f2f2
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody5_sparc.deb
          Size/MD5 checksum:    56360 0d0cbbb1bd4c1ba9ab5a843097f5d194
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody5_sparc.deb
          Size/MD5 checksum:   802740 5636ffd8e41544e1495668221c448cdf
        https://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody5_sparc.deb
          Size/MD5 checksum:    67386 165565fb0f4519388893f2f8548b0535
        https://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody5_sparc.deb
          Size/MD5 checksum:   112954 c7a6faee63c2c8b59a30585245e4c2a1
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"8","type":"x","order":"1","pct":100,"resources":[]},{"id":"159","title":"False","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.