SECURITY: ImageMagick, GraphicsMagick
Yaakov S (Cygwin Ports)
yselkowitz@users.sourceforge.net
Tue Feb 28 23:11:00 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yaakov S (Cygwin Ports) wrote:
> ImageMagick contains several format string vulnerabilities, which may
> allow an attacker to execute arbitrary code.
>
> Solution: update to 6.2.5.5 or 6.2.6 (our current is 6.0.4-1 !!!)
>
> More information:
> http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml
> http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml
First, ping.
Second, I just knew this was going to happen... GraphicsMagick is also
similarly affected.
Solution: upgrade to 1.1.7.
More information:
http://security.gentoo.org/glsa/glsa-200602-13.xml
Yaakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEBNh+piWmPGlmQSMRAvwiAKDfqWRK3i9ca7VPCe8Sd6J0Iw/z/gCg6UGQ
msCPNAz11VIWlD0WFabS+CA=
=WtIw
-----END PGP SIGNATURE-----
More information about the Cygwin-apps
mailing list