Bug 5310 - imagemagick new security issues CVE-2012-0247 and CVE-2012-0248
Summary: imagemagick new security issues CVE-2012-0247 and CVE-2012-0248
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 1
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard:
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2012-04-09 16:00 CEST by David Walser
Modified: 2012-04-22 19:16 CEST (History)
6 users (show)

See Also:
Source RPM: imagemagick-6.6.6.10-5.mga1.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2012-04-09 16:00:35 CEST 
Debian has issued this advisory on March 6:
http://www.debian.org/security/2012/dsa-2427

Cauldron is not vulnerable.

There is some more information here:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0248
David Walser 2012-04-09 16:00:47 CEST

CC: (none) => fundawang

Comment 1 Remco Rijnders 2012-04-10 09:54:16 CEST 
Assigning to maintainer.

Assignee: bugsquad => stormi

Samuel Verschelde 2012-04-10 22:36:18 CEST

Assignee: stormi => andre999mga

Comment 2 David Walser 2012-04-14 04:53:08 CEST 
Patched package uploaded.

Advisory:
========================

Updated imagemagick packages fix security vulnerabilities:

When parsing a maliciously crafted image with incorrect offset and
count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two
bytes to an invalid address (CVE-2012-0247, CVE-2012-1185).

Parsing a maliciously crafted image with an IFD whose all IOP tags
value offsets point to the beginning of the IFD itself results in an
endless loop and a denial of service (CVE-2012-0248, CVE-2012-1186).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1186
http://www.debian.org/security/2012/dsa-2427
========================

Updated packages in core/updates_testing:
========================
imagemagick-6.6.6.10-5.1.mga1
imagemagick-desktop-6.6.6.10-5.1.mga1
libmagick4-6.6.6.10-5.1.mga1
libmagick-devel-6.6.6.10-5.1.mga1
perl-Image-Magick-6.6.6.10-5.1.mga1
imagemagick-doc-6.6.6.10-5.1.mga1

from imagemagick-6.6.6.10-5.1.mga1.src.rpm

CC: (none) => andre999mga
Assignee: andre999mga => qa-bugs

Comment 3 Olivier Delaune 2012-04-19 11:11:22 CEST 
Installed on x86_64.
I did rudimentary test (convert essentially) and it works fine.

CC: (none) => olivier.delaune

Comment 4 Dave Hodgins 2012-04-20 21:00:09 CEST 
Testing complete on i586.

Testing various effects etc. on several image formats.

Could someone from the sysadmin team push the srpm
imagemagick-6.6.6.10-5.1.mga1.src.rpm
from Core Updates Testing to Core Updates.

Advisory: Updated imagemagick packages fix security vulnerabilities:

When parsing a maliciously crafted image with incorrect offset and
count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two
bytes to an invalid address (CVE-2012-0247, CVE-2012-1185).

Parsing a maliciously crafted image with an IFD whose all IOP tags
value offsets point to the beginning of the IFD itself results in an
endless loop and a denial of service (CVE-2012-0248, CVE-2012-1186).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1186
http://www.debian.org/security/2012/dsa-2427

https://bugs.mageia.org/show_bug.cgi?id=5310

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 5 Thomas Backlund 2012-04-22 19:16:07 CEST 
Update pushed

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.