LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:	Moderate: ImageMagick security update
Issue date:	2010-08-25
CVE Names:	CVE-2009-1882

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the ImageMagick routine responsible for creating X11 images. An
attacker could create a specially-crafted image file that, when opened 
by a victim, would cause ImageMagick to crash or, potentially, execute 
arbitrary code. (CVE-2009-1882)

All running instances of ImageMagick must be restarted for this update 
to take effect.

SL 4.x

     SRPMS:
ImageMagick-6.0.7.1-20.el4_8.1.src.rpm
     i386:
ImageMagick-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.i386.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.i386.rpm
     x86_64:
ImageMagick-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-c++-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-devel-6.0.7.1-20.el4_8.1.x86_64.rpm
ImageMagick-perl-6.0.7.1-20.el4_8.1.x86_64.rpm

-Connie Sieh
-Troy Dawson