This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
SECURITY: ImageMagick, GraphicsMagick
- From: "Yaakov S (Cygwin Ports)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps at cygwin dot com
- Date: Tue, 28 Feb 2006 17:10:54 -0600
- Subject: SECURITY: ImageMagick, GraphicsMagick
- References: <43F1435F.3080401@users.sourceforge.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yaakov S (Cygwin Ports) wrote:
> ImageMagick contains several format string vulnerabilities, which may
> allow an attacker to execute arbitrary code.
>
> Solution: update to 6.2.5.5 or 6.2.6 (our current is 6.0.4-1 !!!)
>
> More information:
> http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml
> http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml
First, ping.
Second, I just knew this was going to happen... GraphicsMagick is also
similarly affected.
Solution: upgrade to 1.1.7.
More information:
http://security.gentoo.org/glsa/glsa-200602-13.xml
Yaakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEBNh+piWmPGlmQSMRAvwiAKDfqWRK3i9ca7VPCe8Sd6J0Iw/z/gCg6UGQ
msCPNAz11VIWlD0WFabS+CA=
=WtIw
-----END PGP SIGNATURE-----