Bug#601824: imagemagick: reads config files from cwd

2010-11-06 Thread Nelson A. de Oliveira
Hi Andreas!

On Sat, Nov 6, 2010 at 6:03 PM, Andreas Metzler wrote:
> This is already fixed upstream. Quoting 6.6.5-6 ChangeLog:
> 2010-10-30  6.6.5-5 Cristy  
>  * Do not read configure files in the current directory for the "installed"
>    version of ImageMagick.

I know :-)
I have contacted upstream right after the bug report and they sent me the patch.

> The fix (copy attached) is pretty short, I can make an NMU if you want
> me to.

I am still waiting for an answer from the security team.

Thank you for your attention! ;-)

Best regards,
Nelson



--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org



Processed: Re: Bug#601824: imagemagick: reads config files from cwd

2010-11-06 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 601824 fixed-upstream patch
Bug #601824 [imagemagick] imagemagick: reads config files from cwd
Added tag(s) fixed-upstream and patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
601824: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Bug#601824: imagemagick: reads config files from cwd

2010-11-06 Thread Andreas Metzler
tags 601824 fixed-upstream patch
thanks

On 2010-10-30 "Nelson A. de Oliveira"  wrote:
> On Fri, Oct 29, 2010 at 11:43 PM, Jakub Wilk  wrote:
> > ImageMagick reads several configuration files[0] from the current working
> > directory. Unfortunately, this allows local attackers to execute arbitrary
> > code if ImageMagick is run from an untrusted directory.

> I have confirmed it here and forwarded upstream.
[...]

Hello Nelson,
This is already fixed upstream. Quoting 6.6.5-6 ChangeLog:
2010-10-30  6.6.5-5 Cristy  
  * Do not read configure files in the current directory for the "installed"
version of ImageMagick.

The fix (copy attached) is pretty short, I can make an NMU if you want
me to.

cu andreas
Description: Do not read configure files in the current directory for
 the "installed" version of ImageMagick.
 Patch pulled from upstream svn 
 https://www.imagemagick.org/subversion/ImageMagick/trunk
 revision 3022.
Author: Cristy  
Bug-Debian: http://bugs.debian.org/601824
Origin: upstream
Last-Update: <2010-11-06>

--- imagemagick-6.6.0.4.orig/magick/configure.c
+++ imagemagick-6.6.0.4/magick/configure.c
@@ -749,6 +749,10 @@ MagickExport LinkedListInfo *GetConfigur
   (void) AppendValueToLinkedList(paths,ConstantString(path));
 #endif
 }
+  /*
+Search current directory.
+  */
+  (void) AppendValueToLinkedList(paths,ConstantString(""));
 #endif
   {
 char
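Review bot: the re-added AppendValueToLinkedList(paths,ConstantString("")) sits directly before an #endif whose opening #if is outside the hunk, so the patch alone does not show that the current-directory entry is excluded for the "installed" build as the Description says. The comment "Search current directory." should name the build configuration that keeps this behaviour and say why. The entry was previously appended last, just before return(paths), and is now appended ahead of the block that follows this #endif, so in builds that keep it the current directory moves up the list relative to whatever that block appends; please confirm the order change is intended.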
@@ -803,10 +807,6 @@ MagickExport LinkedListInfo *GetConfigur
   }
   }
 #endif
-  /*
-Search current directory.
-  */
-  (void) AppendValueToLinkedList(paths,ConstantString(""));
   return(paths);
 }
 
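Review bot: the removal of the unconditional append before return(paths) is the part that closes the hole, and nothing accompanying the patch verifies it. Please re-run the reproduction from the report (convert invoked from a directory holding the attached coder.xml and delegates.xml) against the patched build and record the result in the bug. The patch header targets imagemagick-6.6.0.4 while the report is filed against 7:6.3.7.9.dfsg2-1~lenny3, so the offsets in this hunk and the surrounding #if structure need to be checked separately for the lenny version.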


Bug#601824: imagemagick: reads config files from cwd

2010-10-29 Thread Nelson A. de Oliveira
Hi Jakub!

On Fri, Oct 29, 2010 at 11:43 PM, Jakub Wilk  wrote:
> ImageMagick reads several configuration files[0] from the current working
> directory. Unfortunately, this allows local attackers to execute arbitrary
> code if ImageMagick is run from an untrusted directory.

I have confirmed it here and forwarded upstream.

Thank you!

Best regards,
Nelson






Bug#601824: imagemagick: reads config files from cwd

2010-10-29 Thread Jakub Wilk

Package: imagemagick
Version: 7:6.3.7.9.dfsg2-1~lenny3
Severity: grave
Tags: security
Justification: user security hole

ImageMagick reads several configuration files[0] from the current 
working directory. Unfortunately, this allows local attackers to execute 
arbitrary code if ImageMagick is run from an untrusted directory.


Steps to reproduce this bug:

1. As an attacker, put the attached files in /tmp.
2. As a victim, in /tmp run:

$ convert /path/to/foo.png /path/to/bar.png
All your base are belong to us.
convert: missing an image filename `/path/to/bar.png'.


[0] http://www.imagemagick.org/script/resources.php

--
Jakub Wilk


coder.xml
Description: XML document


delegates.xml
Description: XML document


signature.asc
Description: Digital signature
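
A pre-flight check for the condition described in this report, as an added example that is not part of the original thread or of ImageMagick: it reports whether a directory is writable by other users and whether it already holds one of the configuration file names attached to the report. The function name, the trusted_uids parameter and the reason strings are assumptions made for this illustration.

```python
import os
import stat
from pathlib import Path

# File names taken from the attachments of the bug report; extend the tuple
# with the other names listed on ImageMagick's resources page as needed.
CONFIG_NAMES = ("coder.xml", "delegates.xml")


def cwd_config_exposure(directory=".", trusted_uids=None):
    """Return (name, reason) findings that make `directory` unsafe as a
    working directory for a build that still searches the cwd for config."""
    if trusted_uids is None:
        # Assumption: files owned by root or by the invoking user are trusted.
        trusted_uids = {0, os.getuid()}
    directory = Path(directory)
    findings = []

    # Anyone with write access to the directory can plant a config file later.
    mode = directory.stat().st_mode
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append((".", "directory writable by other users"))

    for name in CONFIG_NAMES:
        candidate = directory / name
        try:
            info = candidate.lstat()  # lstat: do not follow symlinks
        except FileNotFoundError:
            continue
        if stat.S_ISLNK(info.st_mode):
            findings.append((name, "symlink"))
        elif info.st_uid not in trusted_uids:
            findings.append((name, "owned by untrusted uid %d" % info.st_uid))
        else:
            findings.append((name, "present"))
    return findings


if __name__ == "__main__":
    for name, reason in cwd_config_exposure():
        print("%s: %s" % (name, reason))
```

An empty result means none of the listed names is present and the directory is not writable by group or others; any finding is a reason to run the tool from a different directory or to confirm the fixed version is installed.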