Format: 1.8 Date: Sat, 31 Mar 2018 11:05:51 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: arm64 Version: 1.3.28-2 Distribution: bionic-proposed Urgency: high Maintainer: Launchpad Build Daemon Changed-By: Laszlo Boszormenyi (GCS) Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Closes: 894396 Changes: graphicsmagick (1.3.28-2) unstable; urgency=high . * Backport security fixes: - don't use rescale map if it was not allocated, - validate number of colormap bits to avoid undefined shift behavior, - defend against partial scanf() expression matching, resulting in benign use of uninitialized data, - don't use rescale map if it was not allocated, - fix tile index overflow, - reject XPM if it contains non-whitespace control characters, - fix forged amount of frames 6755, - validate header length and offset properties, - fixed memory leak when tile overflows, - fix forged amount of frames 7076, - check for forged image that overflows file size, - validate size request prior to allocation, - validate that file size is sufficient for claimed image properties, - fix signed integer overflow when computing pixels size, - include number of FITS scenes in file size validations, - allocate space for null termination and null terminate string, - validate that samples per pixel is in valid range, - check whether datablock is really read, - verify that sufficient backing data exists before allocating memory to read it, - duplicate image check for data with fixed geometry, - CVE-2018-9018: avoid divide-by-zero if delay or timeout properties changed while ticks_per_second is zero (closes: #894396), - add checks for EOF, - validate that PICT rectangles do not have zero dimensions, - check image pixel limits before allocating memory for tile. * Backport patch to redesign ReadBlobDwordLSB() to be more effective. * Backport patch to destroy tile_image in ThrowPICTReaderException() macro to simplify logic. * Backport patch to remove shadowed tile_image variable which defeats new ThrowPICTReaderException() implementation. Checksums-Sha1: 76407484b9fbf4d115719159378e8e10d10d1cdd 3334132 graphicsmagick-dbg_1.3.28-2_arm64.deb 72e303471ac0025c5c8ee1868cb3644835a069a8 10751 graphicsmagick_1.3.28-2_arm64.buildinfo 0ff9121ce4ce69b9eea2d0bfba68bf354e7de8fc 634048 graphicsmagick_1.3.28-2_arm64.deb c9f2953101be04ae2832f46fa57580420d8f0f6f 45876 libgraphics-magick-perl_1.3.28-2_arm64.deb d1a3db63679810b407ce92773aed390937a1e03a 96948 libgraphicsmagick++-q16-12_1.3.28-2_arm64.deb 42fa1fc6d4c2428a7a39e0ce18c2cb9382940f91 269284 libgraphicsmagick++1-dev_1.3.28-2_arm64.deb 86c7fb65a049df1e5084a01e5648dfa3032643ec 923664 libgraphicsmagick-q16-3_1.3.28-2_arm64.deb 5cd89ab87c4e63d7cdd4477818efe804afb6f819 1214248 libgraphicsmagick1-dev_1.3.28-2_arm64.deb Checksums-Sha256: 27ed69a0f623216847dab1954ca229e9bfc81a7197688c839eb17ef9012dcbea 3334132 graphicsmagick-dbg_1.3.28-2_arm64.deb a6d603ec0c29b2749d8606cc9611e5fe6b061e2ea283eb0e7725272dbfb8225b 10751 graphicsmagick_1.3.28-2_arm64.buildinfo 0a8685fd6259e3462dd1017b03c864289e4f7e21e6bc4905f7073775f626d60f 634048 graphicsmagick_1.3.28-2_arm64.deb ca681ff51702187bc71e1cfc94015379a389b2a22284b2ec369a313bf4d3021f 45876 libgraphics-magick-perl_1.3.28-2_arm64.deb c5248ed40bae49e03c2e39048b9096d0a612bf6ad484eca3bd7a91d2db18896d 96948 libgraphicsmagick++-q16-12_1.3.28-2_arm64.deb 3998052e8f6b9aafdfdc886e47ccd82ad3fba81a963be9992c25cac63403f0c5 269284 libgraphicsmagick++1-dev_1.3.28-2_arm64.deb 69a6d006ec1ef45285394a927a25c0fa0a5071604803fc2f5897748bd1e91632 923664 libgraphicsmagick-q16-3_1.3.28-2_arm64.deb 67b3863fbf28df7548b2542c6e4c23d3e96ef4b9385d6181a3154a72b4795d62 1214248 libgraphicsmagick1-dev_1.3.28-2_arm64.deb Files: 1a4710f265ff8aec66bf3e515ccd86f5 3334132 debug optional graphicsmagick-dbg_1.3.28-2_arm64.deb 87d11019172a4244f609c31b97e63bde 10751 graphics optional graphicsmagick_1.3.28-2_arm64.buildinfo e946e0061fc64f5ddaf79d31d3dda8fa 634048 graphics optional graphicsmagick_1.3.28-2_arm64.deb 990faeda4fb577f035675ff679678220 45876 perl optional libgraphics-magick-perl_1.3.28-2_arm64.deb 54648e38d3d276d2516dcb292ea3d931 96948 libs optional libgraphicsmagick++-q16-12_1.3.28-2_arm64.deb 2b5893da772249e654c2dae8075c63c9 269284 libdevel optional libgraphicsmagick++1-dev_1.3.28-2_arm64.deb ea4ba67e4713d3bf8bc2f3d77ceafebd 923664 libs optional libgraphicsmagick-q16-3_1.3.28-2_arm64.deb 4652f032e1d6a4b682b4cc079096492c 1214248 libdevel optional libgraphicsmagick1-dev_1.3.28-2_arm64.deb