This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Security vulnerability: ImageMagick

From: "Yaakov S (Cygwin Ports)" <yselkowitz at users dot sourceforge dot net>
To: cygwin-apps at cygwin dot com
Date: Mon, 13 Feb 2006 20:41:35 -0600
Subject: Security vulnerability: ImageMagick

ImageMagick contains several format string vulnerabilities, which may allow an attacker to execute arbitrary code.

Solution: update to 6.2.5.5 or 6.2.6 (our current is 6.0.4-1 !!!)

More information:
http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml
http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml

Yaakov

Follow-Ups:
- SECURITY: ImageMagick, GraphicsMagick
  - From: Yaakov S (Cygwin Ports)

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]