[ubuntu/hardy-security] imagemagick, imagemagick (delayed) 7:6.3.7.9.dfsg1-2ubuntu1.2 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Dec 7 19:04:53 GMT 2010
imagemagick (7:6.3.7.9.dfsg1-2ubuntu1.2) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via config files in the
current directory.
- debian/patches/CVE-2010-4167.patch: don't read config files from
the current directory for the "installed" version.
- CVE-2010-4167
Date: Thu, 02 Dec 2010 15:08:44 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/imagemagick/7:6.3.7.9.dfsg1-2ubuntu1.2
-------------- next part --------------
Format: 1.7
Date: Thu, 02 Dec 2010 15:08:44 -0500
Source: imagemagick
Binary: imagemagick libmagick10 libmagick9-dev libmagick++10 libmagick++9-dev perlmagick
Architecture: source
Version: 7:6.3.7.9.dfsg1-2ubuntu1.2
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
imagemagick - image manipulation programs
libmagick++10 - C++ API to the ImageMagick library
libmagick++9-dev - C++ API to the ImageMagick library - development files
libmagick10 - image manipulation library
libmagick9-dev - image manipulation library - development files
perlmagick - Perl interface to the libMagick graphics routines
Changes:
imagemagick (7:6.3.7.9.dfsg1-2ubuntu1.2) hardy-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via config files in the
current directory.
- debian/patches/CVE-2010-4167.patch: don't read config files from
the current directory for the "installed" version.
- CVE-2010-4167
Files:
ce7176e40236686799c83220863be81b 2002 graphics optional imagemagick_6.3.7.9.dfsg1-2ubuntu1.2.dsc
d0cce9adb56ecc3678a3f624ae4b61a8 148538 graphics optional imagemagick_6.3.7.9.dfsg1-2ubuntu1.2.diff.gz
Original-Maintainer: Luciano Bello <luciano at debian.org>
More information about the Hardy-changes
mailing list