Bug 5310

Summary: imagemagick new security issues CVE-2012-0247 and CVE-2012-0248
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: andr55, davidwhodgins, fundawang, olivier.delaune, sysadmin-bugs, tmb
Version: 1Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: imagemagick-6.6.6.10-5.mga1.src.rpm CVE:
Status comment:

Description David Walser 2012-04-09 16:00:35 CEST 
Debian has issued this advisory on March 6:
http://www.debian.org/security/2012/dsa-2427

Cauldron is not vulnerable.

There is some more information here:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0248
David Walser 2012-04-09 16:00:47 CEST

CC: (none) => fundawang

Comment 1 Remco Rijnders 2012-04-10 09:54:16 CEST 
Assigning to maintainer.

Assignee: bugsquad => stormi

Samuel Verschelde 2012-04-10 22:36:18 CEST

Assignee: stormi => andre999mga

Comment 2 David Walser 2012-04-14 04:53:08 CEST 
Patched package uploaded.

Advisory:
========================

Updated imagemagick packages fix security vulnerabilities:

When parsing a maliciously crafted image with incorrect offset and
count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two
bytes to an invalid address (CVE-2012-0247, CVE-2012-1185).

Parsing a maliciously crafted image with an IFD whose all IOP tags
value offsets point to the beginning of the IFD itself results in an
endless loop and a denial of service (CVE-2012-0248, CVE-2012-1186).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1186
http://www.debian.org/security/2012/dsa-2427
========================

Updated packages in core/updates_testing:
========================
imagemagick-6.6.6.10-5.1.mga1
imagemagick-desktop-6.6.6.10-5.1.mga1
libmagick4-6.6.6.10-5.1.mga1
libmagick-devel-6.6.6.10-5.1.mga1
perl-Image-Magick-6.6.6.10-5.1.mga1
imagemagick-doc-6.6.6.10-5.1.mga1

from imagemagick-6.6.6.10-5.1.mga1.src.rpm

CC: (none) => andre999mga
Assignee: andre999mga => qa-bugs

Comment 3 Olivier Delaune 2012-04-19 11:11:22 CEST 
Installed on x86_64.
I did rudimentary test (convert essentially) and it works fine.

CC: (none) => olivier.delaune

Comment 4 Dave Hodgins 2012-04-20 21:00:09 CEST 
Testing complete on i586.

Testing various effects etc. on several image formats.

Could someone from the sysadmin team push the srpm
imagemagick-6.6.6.10-5.1.mga1.src.rpm
from Core Updates Testing to Core Updates.

Advisory: Updated imagemagick packages fix security vulnerabilities:

When parsing a maliciously crafted image with incorrect offset and
count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two
bytes to an invalid address (CVE-2012-0247, CVE-2012-1185).

Parsing a maliciously crafted image with an IFD whose all IOP tags
value offsets point to the beginning of the IFD itself results in an
endless loop and a denial of service (CVE-2012-0248, CVE-2012-1186).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1186
http://www.debian.org/security/2012/dsa-2427

https://bugs.mageia.org/show_bug.cgi?id=5310

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 5 Thomas Backlund 2012-04-22 19:16:07 CEST 
Update pushed

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED