Changelog for imagemagick-6.3.5.10-1tr.i586.rpm:
Wed Sep 26 14:00:00 2007 Nived Gopalan 6.3.5.10-1tr
- New Upstream.
- SECURITY Fix: Some vulnerabilities have been reported in ImageMagick,
which can be exploited by malicious people to conduct DoS attacks or
compromise a user's system.
- Includes fix for CVE-2007-4986, CVE-2007-4987 and CVE-2007-4988.
Thu Apr 5 14:00:00 2007 Nived Gopalan 6.3.3.5-1tr
- New Upstream.
- SECURITY Fix: Some vulnerabilities have been reported in ImageMagick,
which can be exploited by malicious people to compromise a vulnerable
system.
- An integer overflow error within the "ReadDCMImage()" function can be
exploited to cause a heap-based buffer overflow when processing
specially crafted DCM images.
- Two integer overflows within the "ReadXWDImage()" function when
calculating the amount of memory to be allocated for the 'colors' or
'comment' fields can be exploited to cause heap-based buffer overflows
when processing specially crafted XWD images.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-1797 to this issue.
Mon Nov 13 13:00:00 2006 Bipin S 6.3.0.1-2tr
- Fixed undefined symbols, Bug #2035.
Wed Nov 1 13:00:00 2006 Bipin S 6.3.0.1-1tr
- New upstream.
Fri Aug 25 14:00:00 2006 Nived Gopalan 6.2.9.1-1tr
- New Upstream.
- SECURITY Fix: Tavis Ormandy has reported some vulnerabilities in
ImageMagick, which potentially can be exploited by malicious people
to compromise a vulnerable system.
- Fix boundary errors within the "DecodeBitmap()" function and the
"ReadSUNImage()" function in sun.c which can be exploited to cause
heap-based buffer overflows when processing specially crafted
Sun Rasterfile images.
- Fix boundary errors within the XCF image decoder which can be
exploited to cause a stack-based and a heap-based overflow when
processing specially crafted XCF image files.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-3744 and CVE-2006-3743 to this issue.
Thu Aug 17 14:00:00 2006 Nived Gopalan 6.2.9-1tr
- New Upstream.
- SECURITY Fix: Damian Put has discovered a vulnerability in ImageMagick,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a user's system. The vulnerability
is caused due to an integer overflow in the "ReadSGIImage()" function
when decoding SGI image files.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-4144 to this issue.
Fri Jan 27 13:00:00 2006 Bipin S 6.2.6-1tr
- New Upstream.
- Removed /usr/lib/libltdl.* from spec.
- Added with-perl-options in configure
Wed Jun 29 14:00:00 2005 Ajith Thampi 6.2.3-4tr
- Multiple Bug Fixes
Tue Jun 7 14:00:00 2005 Ajith Thampi 6.2.3-3tr
- Rebuilt to make changes with perl-5.8.7
Tue May 31 14:00:00 2005 Ajith Thampi 6.2.3-1tr
- New Upstream
- Fixed an obscure heap-overflow vulnerability in the PNM reader reported by Damian Put
- Eliminate seg-fault when pinging images not recognised by ImageMagick.
- Fixed memory overflow computation.
Mon May 23 14:00:00 2005 Ajith Thampi 6.2.2-4tr
- Fix DOS, Tavis Ormandy has reported a weakness in ImageMagick, which can be
exploited by malicious people to cause a DoS (Denial of Service). The problem
is caused due to an infinite loop in the XWD decoder when setting a colour mask
and can be exploited to consume a large amount of CPU resources via a specially
crafted image. (SA15130)
Tue Apr 26 14:00:00 2005 Ajith Thampi 6.2.2-2tr
- Remote exploitation of a heap overflow vulnerability could allow
execution of arbitrary code or cause denial of service. A heap overflow
exists in ReadPNMImage() function, that is used to decode PNM image files.
Tue Apr 26 14:00:00 2005 Ajith Thampi 6.2.2-1tr
- New Upstream
- Fixes Heap Overflow Vulnerability
Fri Apr 1 14:00:00 2005 Bipin S 6.2.1-1tr
- Imported from tsl-2.2 contribs.
- minor cleanup, fixed unpackaged file list
Tue Feb 8 13:00:00 2005 Raghu 6.1.8-1ra
- New Upstream
Tue Nov 16 13:00:00 2004 Chr. Toldnes 6.1.4-2ct
- Cleanup for official contrib
Sun Nov 14 13:00:00 2004 Morten Nilsen
- Upgrade and clean up package
Mon Oct 20 14:00:00 2003 Morten Nilsen
- made initial cut