Daniel Kobras wrote:
> On Fri, Jan 27, 2006 at 10:59:34PM +0100, Martin Schulze wrote:
> > Daniel Kobras wrote:
> > > > Gnah. You are correct. I'm extending the list of forbidden characters
> > > > by $().
> > >
> > > Upstream has reverted the blacklist and instead went for an improved
> > > ver
On Fri, Jan 27, 2006 at 10:59:34PM +0100, Martin Schulze wrote:
> Daniel Kobras wrote:
> > > Gnah. You are correct. I'm extending the list of forbidden characters
> > > by $().
> >
> > Upstream has reverted the blacklist and instead went for an improved
> > version of the symlink fix I added to
Daniel Kobras wrote:
> > Gnah. You are correct. I'm extending the list of forbidden characters
> > by $().
>
> Upstream has reverted the blacklist and instead went for an improved
> version of the symlink fix I added to ImageMagick in unstable. The patch
> is more involved, but also more robust
On Fri, Jan 27, 2006 at 10:32:51PM +0100, Martin Schulze wrote:
> Daniel Kobras wrote:
> > On Thu, Jan 05, 2006 at 01:49:11PM +0100, Daniel Kobras wrote:
> > > On Fri, Dec 30, 2005 at 02:19:27PM +0100, Florian Weimer wrote:
> > > > With some user interaction, this is exploitable through Gnus and
>
Daniel Kobras wrote:
> found 345238 4:5.4.4.5-1woody7
> found 345238 6:6.0.6.2-2.5
> thanks
>
> On Thu, Jan 05, 2006 at 01:49:11PM +0100, Daniel Kobras wrote:
> > On Fri, Dec 30, 2005 at 02:19:27PM +0100, Florian Weimer wrote:
> > > With some user interaction, this is exploitable through Gnus and
found 345238 4:5.4.4.5-1woody7
found 345238 6:6.0.6.2-2.5
thanks
On Thu, Jan 05, 2006 at 01:49:11PM +0100, Daniel Kobras wrote:
> On Fri, Dec 30, 2005 at 02:19:27PM +0100, Florian Weimer wrote:
> > With some user interaction, this is exploitable through Gnus and
> > Thunderbird. I think this warr
On Thu, Jan 05, 2006 at 02:04:39PM +0100, Florian Weimer wrote:
> A better fix would be to bypass the shell and invoke the delegate
> directly (using fork and execve). If this is not feasible, the file
> name should be translated according to this pseudo-code:
I went for an even more simple fix:
* Daniel Kobras:
> tag 345238 + patch
> thanks
>
> On Fri, Dec 30, 2005 at 02:19:27PM +0100, Florian Weimer wrote:
>> With some user interaction, this is exploitable through Gnus and
>> Thunderbird. I think this warrants increasing the severity to
>> "grave".
>
> Here's the vanilla fix from upstr
tag 345238 + patch
thanks
On Fri, Dec 30, 2005 at 02:19:27PM +0100, Florian Weimer wrote:
> With some user interaction, this is exploitable through Gnus and
> Thunderbird. I think this warrants increasing the severity to
> "grave".
Here's the vanilla fix from upstream SVN, stripped off whitespac
retitle 345238 [CVE-2005-4601] Shell command injection in delegate code (via
file names)
thanks
This issue has been assigned CVE-2005-4601. Please mention this
identifier in the changelog when fixing this bug.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Tro
severity 345238 grave
thanks
With some user interaction, this is exploitable through Gnus and
Thunderbird. I think this warrants increasing the severity to
"grave".
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: imagemagick
Version: 6.2.4.5-0.3
Tags: security
The delegate code in Imagemagick is vulnerable to shell command
injection, using specially crafted file names:
$ cp /usr/lib/openoffice/share/template/en-US/wizard/bitmap/germany.wmf \
'" ; echo "Hi!" >&2; : "'.gif
$ display '" ; echo "Hi
12 matches
Mail list logo
