On Tue, Jan 18, 2005 at 05:34:08PM +0100, Daniel Kobras wrote:
> Okay, I've sent updated packages to the security team. Debdiff to the
> previous version in stable is attached. While preparing the stable
> update, I noted that the patch applied in 6.0.6.2-2 only fixes part of
> the issue because it missed the second boundary check applied (and
> well-hidden in a pile of unrelated changes) by upstream. Unless you get
> around to it sooner than me, I'll try to fix this up in a 6.0.6.2-2.1
> upload as soon as possible.

Here's the necessary change for the sid version. I intend to upload the NMU right away as this should gain us a day in getting the complete fix into testing. (I also removed the file nohup.out that seems to have slipped in by mistake in -1.6.)

Regards,

Daniel.

diff -u imagemagick-6.0.6.2/coders/psd.c imagemagick-6.0.6.2/coders/psd.c --- imagemagick-6.0.6.2/coders/psd.c +++ imagemagick-6.0.6.2/coders/psd.c @@ -850,6 +850,8 @@ layer_info[i].page.x, layer_info[i].page.y, layer_info[i].page.height, layer_info[i].page.width, layer_info[i].channels); + if (layer_info[i].channels > MaxPSDChannels) + ThrowReaderException(CorruptImageError,"MaximumChannelsExceeded"); for (j=0; j < (long) layer_info[i].channels; j++) { layer_info[i].channel_info[j].type=(short) diff -u imagemagick-6.0.6.2/debian/changelog imagemagick-6.0.6.2/debian/changelog --- imagemagick-6.0.6.2/debian/changelog +++ imagemagick-6.0.6.2/debian/changelog @@ -1,3 +1,12 @@ +imagemagick (6:6.0.6.2-2.1) unstable; urgency=high + + * Non-maintainer upload. + * coders/psd.c: Apply further boundary check to completely plug + buffer overflow when reading Photoshop images (CAN-2005-0005). + Closes: #291033 + + -- Daniel Kobras <[EMAIL PROTECTED]> Tue, 18 Jan 2005 18:20:05 +0100 + imagemagick (6:6.0.6.2-2) unstable; urgency=high * Fixes a buffer overflow in the PSD image-decoding. reverted: --- imagemagick-6.0.6.2/nohup.out +++ imagemagick-6.0.6.2.orig/nohup.out 
@@ -1,28 +0,0 @@ -dpkg-buildpackage: source package is imagemagick -dpkg-buildpackage: source version is 6:6.0.6.2-1.6 -dpkg-buildpackage: source maintainer is Andreas Tille <[EMAIL PROTECTED]> -dpkg-buildpackage: host architecture is i386 - fakeroot debian/rules clean -dh_testdir -dh_testroot -rm -f build-stamp -# Add here commands to clean up after the build process. -cd PerlMagick && /usr/bin/make distclean -make[1]: Entering directory `/home/tillea/tmp/imagemagick/imagemagick-6.0.6.2/PerlMagick' -make[1]: *** Keine Regel, um »distclean« zu erstellen. Schluss. -make[1]: Leaving directory `/home/tillea/tmp/imagemagick/imagemagick-6.0.6.2/PerlMagick' -make: [clean] Fehler 2 (ignoriert) -/usr/bin/make distclean -make[1]: Entering directory `/home/tillea/tmp/imagemagick/imagemagick-6.0.6.2' -make[1]: *** Keine Regel, um »distclean« zu erstellen. Schluss. -make[1]: Leaving directory `/home/tillea/tmp/imagemagick/imagemagick-6.0.6.2' -make: [clean] Fehler 2 (ignoriert) -cd Magick++ && /usr/bin/make distclean -make[1]: Entering directory `/home/tillea/tmp/imagemagick/imagemagick-6.0.6.2/Magick++' -make[1]: *** Keine Regel, um »distclean« zu erstellen. Schluss. -make[1]: Leaving directory `/home/tillea/tmp/imagemagick/imagemagick-6.0.6.2/Magick++' -make: [clean] Fehler 2 (ignoriert) -dh_clean - dpkg-source -b imagemagick-6.0.6.2 -dpkg-source: building imagemagick using existing imagemagick_6.0.6.2.orig.tar.gz -dpkg-source: building imagemagick in imagemagick_6.0.6.2-1.6.diff.gz
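Review bot: In the coders/psd.c hunk, the new test `layer_info[i].channels > MaxPSDChannels` protects the `channel_info[j]` writes in the loop that follows only if `channel_info` is declared with at least MaxPSDChannels elements, and that declaration is outside the visible context, so please confirm that `>` rather than `>=` is the right bound. The loop condition casts `channels` to `(long)`, so the field's type deserves a look as well: the comparison and the loop should treat an out-of-range value the same way. Since ThrowReaderException aborts the read, also check that whatever was set up for `layer_info` before this point is released on that path. A one-line comment above the check saying which array it guards would help, given that the message describes upstream's version of this check as easy to miss.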
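Review bot: The new debian/changelog entry for 6:6.0.6.2-2.1 lists only the coders/psd.c boundary check, while the same diff also reverts nohup.out. Add a changelog line recording the removal of that stray build log so the NMU documents every change it makes to the package.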