Ubuntu Security Notice USN-340-1
6th September, 2006
imagemagick vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.06 LTS
- Ubuntu 5.10
- Ubuntu 5.04
Details
Tavis Ormandy discovered several buffer overflows in imagemagick's Sun
Raster and XCF (Gimp) image decoders. By tricking a user or automated
system into processing a specially crafted image, this could be
exploited to execute arbitrary code with the users' privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 6.06 LTS:
- libmagick9 6:6.2.4.5-0.6ubuntu0.2
- Ubuntu 5.10:
- libmagick6 6:6.2.3.4-1ubuntu1.3
- Ubuntu 5.04:
- libmagick6 6:6.0.6.2-2.1ubuntu1.4
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the
necessary changes.