Bug#601824: imagemagick: reads config files from cwd
Hi Andreas!

On Sat, Nov 6, 2010 at 6:03 PM, Andreas Metzler wrote:
> This is already fixed upstream. Quoting 6.6.5-6 ChangeLog:
> 2010-10-30 6.6.5-5 Cristy
> * Do not read configure files in the current directory for the "installed"
> version of ImageMagick.

I know :-) I have contacted upstream right after the bug report and they sent me the patch.

> The fix (copy attached) is pretty short, I can make a NMU if you want
> me to.

I am still waiting for an answer from the security team.

Thank you for your attention! ;-)

Best regards,
Nelson

-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#601824: imagemagick: reads config files from cwd
Processing commands for cont...@bugs.debian.org:

> tags 601824 fixed-upstream patch
Bug #601824 [imagemagick] imagemagick: reads config files from cwd
Added tag(s) fixed-upstream and patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
601824: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#601824: imagemagick: reads config files from cwd
tags 601824 fixed-upstream patch thanks On 2010-10-30 "Nelson A. de Oliveira" wrote: > On Fri, Oct 29, 2010 at 11:43 PM, Jakub Wilk wrote: > > ImageMagick reads several configuration files[0] from the current working > > directory. Unfortunately, this allows local attackers to execute arbitrary > > code if ImageMagick is run from an untrusted directory. > I have confirmed it here and forwarded upstream. [...] Hello Nelson, This is already fixed upstream. Quoting 6.6.5-6 ChangeLog: 2010-10-30 6.6.5-5 Cristy * Do not read configure files in the current directory for the "installed" version of ImageMagick. The fix (copy attached) is pretty short, I can make a NMU if you want me to. cu andreas Description: Do not read configure files in the current directory for the "installed" version of ImageMagick. Patch pulled from upstream svn https://www.imagemagick.org/subversion/ImageMagick/trunk revision 3022. Author: Cristy Bug-Debian: http://bugs.debian.org/601824 Origin: upstream Last-Update: <2010-11-06> --- imagemagick-6.6.0.4.orig/magick/configure.c +++ imagemagick-6.6.0.4/magick/configure.c @@ -749,6 +749,10 @@ MagickExport LinkedListInfo *GetConfigur (void) AppendValueToLinkedList(paths,ConstantString(path)); #endif } + /* +Search current directory. + */ + (void) AppendValueToLinkedList(paths,ConstantString("")); #endif { char @@ -803,10 +807,6 @@ MagickExport LinkedListInfo *GetConfigur } } #endif - /* -Search current directory. - */ - (void) AppendValueToLinkedList(paths,ConstantString("")); return(paths); }
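Review bot: in the first hunk (@@ -749,6 +749,10 @@) the relocated `(void) AppendValueToLinkedList(paths,ConstantString(""));` is placed immediately before an `#endif` whose opening `#if` is outside the shown context, so nothing in the hunk itself shows that this branch is the non-"installed" one the description refers to; before applying, verify which condition that `#endif` closes, and consider extending the moved comment ("Search current directory.") to say that this only happens for uninstalled builds, since at the new location it reads exactly like the code it replaces. Note also that the patch was taken against imagemagick-6.6.0.4 (see the `---`/`+++` headers) while the bug was filed against 7:6.3.7.9.dfsg2-1~lenny3, so the hunk offsets and surrounding `#if` structure need to be re-checked against the lenny source, and the fix is only effective if Debian's build is actually configured as the "installed" variant the ChangeLog entry describes.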
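Review bot: the second hunk (@@ -803,10 +807,6 @@) removes the unconditional current-directory entry, which is the actual security fix, but the change carries no regression test; the reproducer from the original report (drop coder.xml and delegates.xml into /tmp, run `convert /path/to/foo.png /path/to/bar.png` from /tmp, and check that the "All your base are belong to us." output no longer appears) is cheap to turn into a build-time or autopkgtest check and would also catch the case where the guard around the first hunk's `#endif` turns out not to be the one intended. Since the [0] resources page cited in the report still documents the current directory as a search location, the package's documentation or NEWS entry should state that this is no longer the case for the installed build.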
Bug#601824: imagemagick: reads config files from cwd
Hi Jakub!

On Fri, Oct 29, 2010 at 11:43 PM, Jakub Wilk wrote:
> ImageMagick reads several configuration files[0] from the current working
> directory. Unfortunately, this allows local attackers to execute arbitrary
> code if ImageMagick is run from an untrusted directory.

I have confirmed it here and forwarded upstream.

Thank you!

Best regards,
Nelson
Bug#601824: imagemagick: reads config files from cwd
Package: imagemagick
Version: 7:6.3.7.9.dfsg2-1~lenny3
Severity: grave
Tags: security
Justification: user security hole

ImageMagick reads several configuration files[0] from the current working
directory. Unfortunately, this allows local attackers to execute arbitrary
code if ImageMagick is run from an untrusted directory.

Steps to reproduce this bug:

1. As an attacker, put the attached files in /tmp.
2. As a victim, in /tmp run:

$ convert /path/to/foo.png /path/to/bar.png
All your base are belong to us.
convert: missing an image filename `/path/to/bar.png'.

[0] http://www.imagemagick.org/script/resources.php

-- 
Jakub Wilk

coder.xml
Description: XML document

delegates.xml
Description: XML document

signature.asc
Description: Digital signature
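The report above describes the symptom (config files honoured from the cwd) but gives no way to check whether a given installed binary still behaves that way. The script below is an added example written for this page; it is not code from the bug thread, from Debian or from ImageMagick. It looks for config-file lookups made with a path relative to the current directory in an strace log, which is exactly what the `ConstantString("")` search entry in the attached patch produces (the bare file name, with no directory). Assumptions: strace is available, `convert -list delegate` makes ImageMagick read delegates.xml, and the sample trace embedded in `sample_trace` is constructed to resemble a pre-fix build on a Debian-like layout; its paths, syscall results and pid prefix are made up for illustration.

```shell
#!/bin/sh
# Added example, not code from the bug report or from ImageMagick: detect
# config-file lookups that are relative to the current directory in an strace
# log of an ImageMagick command.
#
# Suggested capture (assumes strace and an ImageMagick "convert" binary whose
# -list option triggers reading delegates.xml):
#
#   cd "$(mktemp -d)"                          # an EMPTY dir: nothing to pick up
#   strace -f -e trace=file -o im.trace convert -list delegate >/dev/null
#   cwd_config_probes < im.trace               # prints offending file names
#
# A bare "delegates.xml", "coder.xml", ... in the output means the binary still
# appends "" to its search list (the behaviour Bug#601824 describes), even if the
# probe failed with ENOENT: a file dropped into the cwd would have been read.

# Print every path argument that (a) does not start with "/" and therefore
# resolves against the current directory and (b) names an XML config file.
# Reads strace output on stdin, one syscall per line. The "-f" pid prefix and
# openat's leading AT_FDCWD are skipped because only the first double-quoted
# string on the line is taken as the path.
cwd_config_probes() {
    sed -n 's/^[^"]*"\([^"]*\)".*/\1/p' |
        awk '!/^\// && /\.xml$/'
}

# Exit status 0 if at least one such probe exists, 1 otherwise.
has_cwd_config_probe() {
    cwd_config_probes | grep -q .
}

# Constructed sample resembling the trace of a pre-fix build; the absolute
# paths, sizes, addresses and pid are invented for illustration only.
sample_trace() {
    cat <<'EOF'
execve("/usr/bin/convert", ["convert", "-list", "delegate"], [/* 20 vars */]) = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
getcwd("/tmp", 4096) = 5
stat("/usr/share/ImageMagick-6.6.0/config/delegates.xml", {st_mode=S_IFREG|0644, st_size=8913, ...}) = 0
open("/usr/share/ImageMagick-6.6.0/config/delegates.xml", O_RDONLY) = 3
stat("delegates.xml", 0x7fff5a3c2d40) = -1 ENOENT (No such file or directory)
stat("/usr/share/ImageMagick-6.6.0/config/coder.xml", {st_mode=S_IFREG|0644, st_size=12011, ...}) = 0
4242  stat("coder.xml", 0x7fff5a3c2d40) = -1 ENOENT (No such file or directory)
open("type.xml", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("out.png", 0x7fff5a3c2e00) = -1 ENOENT (No such file or directory)
EOF
}

# Stand-alone demonstration on the constructed sample.
if sample_trace | has_cwd_config_probe; then
    echo "cwd config probes found:"
    sample_trace | cwd_config_probes | sed 's/^/  /'
else
    echo "no cwd config probes"
fi
```

On the constructed sample the script reports delegates.xml, coder.xml and type.xml and ignores both the absolute lookups under /usr/share and the relative non-config name out.png. Run against a real trace taken in an empty scratch directory, an empty result is the expected state after the attached patch on an installed build; any relative .xml probe means the cwd is still on the search list.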