Daniel Kobras discovered that ImageMagick is vulnerable to format
string attacks in the filename parsing code.

CVE-2006-4144
Damian Put discovered that ImageMagick is vulnerable to buffer
overflows in the module for SGI images.

CVE-2006-5456
M Joonas Pihlaja discovered that ImageMagick is vulnerable to buffer
overflows in the module for DCM and PALM images.

CVE-2006-5868
Daniel Kobras discovered that ImageMagick is vulnerable to buffer
overflows in the module for SGI images.

This update also addresses regressions in the XCF codec, which were
introduced in the previous security update.
For the stable distribution (sarge) these problems have been fixed in
version 6:6.0.6.2-2.8.
For the upcoming stable distribution (etch) these problems have been
fixed in version 7:6.2.4.5.dfsg1-0.11.
For the unstable distribution (sid) these problems have been fixed in
version 7:6.2.4.5.dfsg1-0.11.
We recommend that you upgrade your imagemagick packages.
Up...