Format: 1.8 Date: Sat, 31 Mar 2018 11:05:51 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: s390x Version: 1.3.28-2 Distribution: bionic-proposed Urgency: high Maintainer: Launchpad Build Daemon Changed-By: Laszlo Boszormenyi (GCS) Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Closes: 894396 Changes: graphicsmagick (1.3.28-2) unstable; urgency=high . * Backport security fixes: - don't use rescale map if it was not allocated, - validate number of colormap bits to avoid undefined shift behavior, - defend against partial scanf() expression matching, resulting in benign use of uninitialized data, - don't use rescale map if it was not allocated, - fix tile index overflow, - reject XPM if it contains non-whitespace control characters, - fix forged amount of frames 6755, - validate header length and offset properties, - fixed memory leak when tile overflows, - fix forged amount of frames 7076, - check for forged image that overflows file size, - validate size request prior to allocation, - validate that file size is sufficient for claimed image properties, - fix signed integer overflow when computing pixels size, - include number of FITS scenes in file size validations, - allocate space for null termination and null terminate string, - validate that samples per pixel is in valid range, - check whether datablock is really read, - verify that sufficient backing data exists before allocating memory to read it, - duplicate image check for data with fixed geometry, - CVE-2018-9018: avoid divide-by-zero if delay or timeout properties changed while ticks_per_second is zero (closes: #894396), - add checks for EOF, - validate that PICT rectangles do not have zero dimensions, - check image pixel limits before allocating memory for tile. * Backport patch to redesign ReadBlobDwordLSB() to be more effective. * Backport patch to destroy tile_image in ThrowPICTReaderException() macro to simplify logic. * Backport patch to remove shadowed tile_image variable which defeats new ThrowPICTReaderException() implementation. Checksums-Sha1: 4dc8a6fa618f5376221765321c00ee59505e0e95 3469220 graphicsmagick-dbg_1.3.28-2_s390x.deb 34d08072a5c9a2169b4afe75719e6db8faf145dd 10679 graphicsmagick_1.3.28-2_s390x.buildinfo 89387f2a5c2b0a20b957662653e71941f3f5656f 634224 graphicsmagick_1.3.28-2_s390x.deb fa29461ef81c1ecfa0fd786faeea05c6df9ed78a 48032 libgraphics-magick-perl_1.3.28-2_s390x.deb 253032ef9377578f0df67633c48d824af26a2e4e 98864 libgraphicsmagick++-q16-12_1.3.28-2_s390x.deb 42919bb237da671b43f6eca370b23d8eebea0af6 264760 libgraphicsmagick++1-dev_1.3.28-2_s390x.deb 19bee985a09ed5c8fedefe76a60313dcde1d27e8 982404 libgraphicsmagick-q16-3_1.3.28-2_s390x.deb 9e6e9ce8c4fc13c01b68dc2d4b99a650d2db2e7c 1229636 libgraphicsmagick1-dev_1.3.28-2_s390x.deb Checksums-Sha256: f3b542d5f58141133b6016081e4e4b125b993cc086df6199ecfbc27839206103 3469220 graphicsmagick-dbg_1.3.28-2_s390x.deb 09e3e7e6c1096fa807be374bcbb7cd9c915bae175f0fa64299612831d84447ef 10679 graphicsmagick_1.3.28-2_s390x.buildinfo ca5f203f108f2198d41a7a22704faa87e41f87ecca76cde31c00a82fef6276a4 634224 graphicsmagick_1.3.28-2_s390x.deb 86f42305b239d83d0e5ebf62d83be156c8f915dfbc8af4525d083cb58e881e99 48032 libgraphics-magick-perl_1.3.28-2_s390x.deb c3d30c23d16ef3efcfc1ffe38800bb91b2fa7cd61588b9c40a385cd391b4d33f 98864 libgraphicsmagick++-q16-12_1.3.28-2_s390x.deb ea61035fd6904979d4449f055710da13b84f27840312d74f9db47851bac74798 264760 libgraphicsmagick++1-dev_1.3.28-2_s390x.deb 30f61561e5725788dca8d605f8a2e5bb82a8d90195b97a4a4cc7941976f0e202 982404 libgraphicsmagick-q16-3_1.3.28-2_s390x.deb 1428060b2c650b7e6afaeb3385d8cb4eb60ce2eb9ba39b88d80f8c097150c6bc 1229636 libgraphicsmagick1-dev_1.3.28-2_s390x.deb Files: 77e48e1283468bcf74bd8a27224b70bf 3469220 debug optional graphicsmagick-dbg_1.3.28-2_s390x.deb 6a248cfa96e9ebc6582382bcd910acc0 10679 graphics optional graphicsmagick_1.3.28-2_s390x.buildinfo b7137fe03786062b67d033b25f67849a 634224 graphics optional graphicsmagick_1.3.28-2_s390x.deb dba40ac6584d8c0e84b7597193643003 48032 perl optional libgraphics-magick-perl_1.3.28-2_s390x.deb 316390e125e681d8f2e3ab10a8bd55f8 98864 libs optional libgraphicsmagick++-q16-12_1.3.28-2_s390x.deb 7b95f0708602cf37192e9ba8c35239c9 264760 libdevel optional libgraphicsmagick++1-dev_1.3.28-2_s390x.deb 8027ebc939e5094a346a01fb1ff45fd3 982404 libs optional libgraphicsmagick-q16-3_1.3.28-2_s390x.deb 714aaa4382c575158f06027551251057 1229636 libdevel optional libgraphicsmagick1-dev_1.3.28-2_s390x.deb