Security improvements to TEXT coder broke it

Bug #1589580 reported by Dashamir Hoxha on 2016-06-06
24
This bug affects 4 people
Affects Status Importance Assigned to Milestone
imagemagick (Ubuntu)
High
Ubuntu Security Team
Precise
High
Marc Deslauriers
Trusty
High
Marc Deslauriers
Xenial
High
Marc Deslauriers
Yakkety
High
Marc Deslauriers

Bug Description

In ubuntu 16.04 (xenial):

$ convert test.txt test.pdf
convert: improper image header `test.txt' @ error/txt.c/ReadTXTImage/433.
convert: no images defined `test.pdf' @ error/convert.c/ConvertImageCommand/3210.

$ lsb_release -rd
Description: Ubuntu 16.04 LTS
Release: 16.04

$ apt-cache policy imagemagick
imagemagick:
  Installed: 8:6.8.9.9-7ubuntu5.1
  Candidate: 8:6.8.9.9-7ubuntu5.1
  Version table:
 *** 8:6.8.9.9-7ubuntu5.1 500
        500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
        100 /var/lib/dpkg/status
     8:6.8.9.9-7ubuntu5 500
        500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in imagemagick (Ubuntu):
status: New → Confirmed
dsitze (dsitze) wrote :

See http://www.imagemagick.org/discourse-server/viewtopic.php?t=29754

Initial symptom is consistent w/ policy change. Comment out the line for text coder in /etc/ImageMagic-6.

The command now requires (per security update) text to be explicit:

convert text:test.txt test.pdf

However, now you'll get:
convert: ../../coders/txt.c:197: ReadTEXTImage: Assertion `exception != (ExceptionInfo *) NULL' failed.
Aborted (core dumped)

As indicated in the linked discussion, this has been fixed in later versions.

Mathew Hodson (mathew-hodson) wrote :
tags: added: patch-accepted-upstream regression-update xenial
Changed in imagemagick (Ubuntu):
importance: Undecided → High
summary: - Text files cannot be converted to pdf
+ Security improvements to TEXT coder broke it
tags: removed: patch-accepted-upstream
Changed in imagemagick (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Changed in imagemagick (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in imagemagick (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in imagemagick (Ubuntu Xenial):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in imagemagick (Ubuntu Yakkety):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in imagemagick (Ubuntu Precise):
status: New → Confirmed
Changed in imagemagick (Ubuntu Trusty):
status: New → Confirmed
Changed in imagemagick (Ubuntu Xenial):
status: New → Confirmed
Changed in imagemagick (Ubuntu Yakkety):
status: New → Confirmed
Changed in imagemagick (Ubuntu Precise):
importance: Undecided → High
Changed in imagemagick (Ubuntu Trusty):
importance: Undecided → High
Changed in imagemagick (Ubuntu Xenial):
importance: Undecided → High
Changed in imagemagick (Ubuntu Yakkety):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package imagemagick - 8:6.8.9.9-7ubuntu8.3

---------------
imagemagick (8:6.8.9.9-7ubuntu8.3) yakkety-security; urgency=medium

  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden> Wed, 22 Feb 2017 11:10:55 -0500

Changed in imagemagick (Ubuntu Yakkety):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package imagemagick - 8:6.8.9.9-7ubuntu5.4

---------------
imagemagick (8:6.8.9.9-7ubuntu5.4) xenial-security; urgency=medium

  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden> Wed, 22 Feb 2017 11:41:06 -0500

Changed in imagemagick (Ubuntu Xenial):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package imagemagick - 8:6.7.7.10-6ubuntu3.4

---------------
imagemagick (8:6.7.7.10-6ubuntu3.4) trusty-security; urgency=medium

  * SECURITY REGRESSION: test label regression (LP: #1646485)
    - debian/patches/0161-Do-not-ignore-SetImageBias-bias-value.patch:
      updated to fix bad backport.
    - debian/patches/0162-Suspend-exception-processing-if-there-are-too-many-e.patch:
      updated to apply cleanly.
  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden> Wed, 22 Feb 2017 10:04:25 -0500

Changed in imagemagick (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package imagemagick - 8:6.6.9.7-5ubuntu3.7

---------------
imagemagick (8:6.6.9.7-5ubuntu3.7) precise-security; urgency=medium

  * SECURITY REGRESSION: test label regression (LP: #1646485)
    - debian/patches/0161-Do-not-ignore-SetImageBias-bias-value.patch:
      updated to fix bad backport.
    - debian/patches/0162-Suspend-exception-processing-if-there-are-too-many-e.patch:
      updated to apply cleanly.
  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden> Wed, 22 Feb 2017 10:08:13 -0500

Changed in imagemagick (Ubuntu Precise):
status: Confirmed → Fix Released
Changed in imagemagick (Ubuntu):
status: Confirmed → Fix Committed
Changed in imagemagick (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers