Debian
graphicsmagick package

graphicsmagick 1.3.26-8 source package in Debian

Changelog

graphicsmagick (1.3.26-8) unstable; urgency=high

  * Fix CVE-2017-13775: denial of service issue in ReadJNXImage() .
  * Fix CVE-2017-13776 and CVE-2017-13777: denial of service issue in
    ReadXBMImage() .
  * Fix memory leak vulnerability in ReadJNGImage() which allow attackers to
    cause a denial of service via a crafted file.
  * Fix double-free after reading a malformed JNG.
  * Fix CVE-2017-14103: the ReadJNGImage() and ReadOneJNGImage() functions do
    not properly manage image pointers after certain error conditions, which
    allows remote use-after-free attacks via a crafted file, related to a
    ReadMNGImage() out-of-order CloseBlob() call. This vulnerability exists
    because of an incomplete fix for CVE-2017-11403 .
  * Fix CVE-2017-8350: crash while reading a malformed JNG file.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Mon, 04 Sep 2017 18:50:34 +0000

Upload details

Uploaded by:
Laszlo Boszormenyi
Uploaded to:
Sid
Original maintainer:
Laszlo Boszormenyi
Architectures:
any all
Section:
graphics
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
graphicsmagick_1.3.26-8.dsc 2.7 KiB 3c8b6f9896fc10ccc03a52accf4a940034d968f7efe032f4e17c3adab974ca5a
graphicsmagick_1.3.26.orig.tar.xz 5.2 MiB fba015f3d5e5d5f17e57db663f1aa9d338e7b62f1d415b85d13ee366927e5f88
graphicsmagick_1.3.26-8.debian.tar.xz 150.1 KiB 98165994725228f0e2d97f3d6afb697cdd6df7db1de4dd00836340bb82fcecd2

No changes file available.

Binary packages built by this source