Ubuntu Security Notice USN-337-1
17th August, 2006
imagemagick vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.06 LTS
- Ubuntu 5.10
- Ubuntu 5.04
Details
Damian Put discovered a buffer overflow in imagemagick's SGI file
format decoder. By tricking an user or automated system into
processing a specially crafted SGI image, this could be exploited to
execute arbitrary code with the user's privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 6.06 LTS:
- libmagick9 6:6.2.4.5-0.6ubuntu0.1
- Ubuntu 5.10:
- libmagick6 6:6.2.3.4-1ubuntu1.2
- Ubuntu 5.04:
- libmagick6 6:6.0.6.2-2.1ubuntu1.3
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.