graphicsmagick 1.3.26-1 source package in Ubuntu
Changelog
graphicsmagick (1.3.26-1) unstable; urgency=high * New upstream release, fixing the following security issues among others: - META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800). - WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash (CVE-2016-7997). - PNG: Enforce spec requirement that the dimensions of the JPEG embedded in a JDAT chunk must match the JHDR dimensions (CVE-2016-9830). - TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to have only 2 samples per pixel (CVE-2017-6335). - JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350). - TIFF: Fix out of bounds read when reading RGB TIFF which claims to have only 1 sample per pixel (CVE-2017-10794) (closes: #867085). - DPX: Fix excessive use of memory (DOS issue) due to file header claiming large image dimensions but insufficient backing data. (CVE-2017-10799) (closes: #867077). - MAT: Fix excessive use of memory (DOS issue) due to continuing processing with insufficient data and claimed large image size. Verify each file extent to make sure that it is within range of file size. (CVE-2017-10800) (closes: #867060). * Remove previously backported security patches. * Self-tests build hack no longer needed. * Update library symbols for this release. * Update Standards-Version to 4.0.0 and debhelper level to 10 . -- Laszlo Boszormenyi (GCS) <email address hidden> Wed, 05 Jul 2017 16:14:40 +0000
Upload details
- Uploaded by:
- Laszlo Boszormenyi
- Uploaded to:
- Sid
- Original maintainer:
- Laszlo Boszormenyi
- Architectures:
- any all
- Section:
- graphics
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
graphicsmagick_1.3.26-1.dsc | 2.7 KiB | 9b64964c43fc2b8b531fa301123bc0641938ea40e1f6e70433b548e8f71ad49f |
graphicsmagick_1.3.26.orig.tar.xz | 5.2 MiB | fba015f3d5e5d5f17e57db663f1aa9d338e7b62f1d415b85d13ee366927e5f88 |
graphicsmagick_1.3.26-1.debian.tar.xz | 135.2 KiB | f5406b60636193a6304597c75a89300c2a87a260bb954d1765c57dae42cd696c |
No changes file available.
Binary packages built by this source
- graphicsmagick: No summary available for graphicsmagick in ubuntu artful.
No description available for graphicsmagick in ubuntu artful.
- graphicsmagick-dbg: No summary available for graphicsmagick-dbg in ubuntu artful.
No description available for graphicsmagick-dbg in ubuntu artful.
- graphicsmagick-imagemagick-compat: No summary available for graphicsmagick-imagemagick-compat in ubuntu artful.
No description available for graphicsmagick-
imagemagick- compat in ubuntu artful.
- graphicsmagick-libmagick-dev-compat: No summary available for graphicsmagick-libmagick-dev-compat in ubuntu artful.
No description available for graphicsmagick-
libmagick- dev-compat in ubuntu artful.
- libgraphics-magick-perl: No summary available for libgraphics-magick-perl in ubuntu artful.
No description available for libgraphics-
magick- perl in ubuntu artful.
- libgraphicsmagick++-q16-12: No summary available for libgraphicsmagick++-q16-12 in ubuntu artful.
No description available for libgraphicsmagi
ck++-q16- 12 in ubuntu artful.
- libgraphicsmagick++1-dev: No summary available for libgraphicsmagick++1-dev in ubuntu artful.
No description available for libgraphicsmagi
ck++1-dev in ubuntu artful.
- libgraphicsmagick-q16-3: No summary available for libgraphicsmagick-q16-3 in ubuntu artful.
No description available for libgraphicsmagi
ck-q16- 3 in ubuntu artful.
- libgraphicsmagick1-dev: No summary available for libgraphicsmagick1-dev in ubuntu artful.
No description available for libgraphicsmagi
ck1-dev in ubuntu artful.