Gentoo Archives: gentoo-announce

From: Thierry Carrez <koon@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200409-12 ] ImageMagick, imlib, imlib2: BMP decoding buffer overflows
Date: Wed, 08 Sep 2004 09:10:06
Message-Id: 413ECAD7.2080203@gentoo.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200409-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: ImageMagick, imlib, imlib2: BMP decoding buffer overflows
Date: September 08, 2004
Bugs: #62309, #62487
ID: 200409-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

ImageMagick, imlib and imlib2 contain exploitable buffer overflow
vulnerabilities in the BMP image processing code.

Background
==========

ImageMagick is a suite of image manipulation utilities and libraries
used for a wide variety of image formats. imlib is a general image
loading and rendering library.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  media-gfx/imagemagick      < 6.0.7.1                   >= 6.0.7.1
  2  media-libs/imlib          < 1.9.14-r2                >= 1.9.14-r2
  3  media-libs/imlib2           < 1.1.2                      >= 1.1.2
    -------------------------------------------------------------------
     3 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Due to improper bounds checking, ImageMagick and imlib are vulnerable
to a buffer overflow when decoding runlength-encoded bitmaps. This bug
can be exploited using a specially-crafted BMP image and could
potentially allow remote code execution when this image is decoded by
the user.

Impact
======

A specially-crafted runlength-encoded BMP could lead ImageMagick and
imlib to crash or potentially execute arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ImageMagick users should upgrade to the latest version:

    # emerge sync

    # emerge -pv ">=media-gfx/imagemagick-6.0.7.1"
    # emerge ">=media-gfx/imagemagick-6.0.7.1"

All imlib users should upgrade to the latest version:

    # emerge sync

    # emerge -pv ">=media-libs/imlib-1.9.14-r2"
    # emerge ">=media-libs/imlib-1.9.14-r2"

All imlib2 users should upgrade to the latest version:

    # emerge sync

    # emerge -pv ">=media-libs/imlib2-1.1.2"
    # emerge ">=media-libs/imlib2-1.1.2"

References
==========

[ 1 ] CAN-2004-0817
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817
[ 2 ] CAN-2004-0802
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802
[ 3 ] ImageMagick Mailing List
      http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002011.html
[ 4 ] SecurityTracker #1011104
      http://securitytracker.com/alerts/2004/Aug/1011104.html
[ 5 ] SecurityTracker #1011105
      http://securitytracker.com/alerts/2004/Aug/1011105.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200409-12.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2004 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/1.0

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBPsrXvcL1obalX08RAiMWAJ9jRgAsJDcmL5JF/EZrn0BREPo5egCgpomO
W24qtwrG1lisZYBSGyyWrRI=
=XLhl
-----END PGP SIGNATURE-----