Format: 1.8 Date: Mon, 03 Feb 2020 16:47:01 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: powerpc Version: 1.3.23-1ubuntu0.6 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.6) xenial-security; urgency=medium . * SECURITY UPDATE: Heap-based buffer over-read in ReadNewsProfile() - debian/patches/CVE-2017-17912.patch: ReadNewsProfile() was allowing reading heap data beyond the allocated size. - CVE-2017-17912 * SECURITY UPDATE: Stack-based buffer over-read in WriteWEBPImage() - debian/patches/CVE-2017-17913-1.patch: Add some assertions to verify that the image pointer provided by libwebp is valid. - debian/patches/CVE-2017-17913-2.patch: Fix stack overflow with libwebp 0.5.0+ by disabling progress indication. - CVE-2017-17913 * SECURITY UPDATE: Heap-based buffer over-read in ReadMNGImage() - debian/patches/CVE-2017-17915.patch: Check range limit before accessing byte to avoid minor heap read overflow. - CVE-2017-17915 * SECURITY UPDATE: Allocation failure in ReadOnePNGImage() - debian/patches/CVE-2017-18219.patch: check MemoryResource before attempting to allocate ping_pixels array. - CVE-2017-18219 * SECURITY UPDATE: Allocation failure in ReadTIFFImage() - debian/patches/CVE-2017-18229.patch: Rationalize scanline, strip, and tile memory allocation requests based on file size. - CVE-2017-18229 * SECURITY UPDATE: Null pointer dereference in ReadCINEONImage() - debian/patches/CVE-2017-18230.patch: Validate scandata allocation. - CVE-2017-18230 * SECURITY UPDATE: Null pointer dereference in ReadEnhMetaFile() - debian/patches/CVE-2017-18231.patch: Verify pBits memory allocation. - CVE-2017-18231 Checksums-Sha1: 9257d86019d852686d4e462220b9bc1f90cd6dd9 3113034 graphicsmagick-dbg_1.3.23-1ubuntu0.6_powerpc.deb cefbbd13a7e5dfd1acdadc8ada69ff5b82c10a28 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 16f3ba34ba79953af0c40c1a69ae22ae92e2ba6a 591212 graphicsmagick_1.3.23-1ubuntu0.6_powerpc.deb 2c3a82eeb33b6f5728c2de4bffd69ed800175dd1 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 2e67cb8efba9b3afc8c92d4a44b40d1a5b9d4a54 47186 libgraphics-magick-perl_1.3.23-1ubuntu0.6_powerpc.deb c48f34044675ec8e8f9ee5a52d0c61bbd70c6171 1256 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 999cf75b9311d102dab17c0a3af0632964bc0ee2 102914 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_powerpc.deb c13029d9fd9cae80d823bf8af8bb91bad61b594d 1268 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 050c50eb806e8ee2c2f140767cca1a09762441f5 265558 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_powerpc.deb 0357de419a58ca57f5378106c861b2ae391e5ffc 1246 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb a539f915bfcb75c170f6fe9e851a92fb6943037a 951076 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_powerpc.deb 68d30301ce4df44714b301216035ef21d4b2bafc 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb b79f615cb5a460387f532152437706fe31dcce2d 1221370 libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_powerpc.deb Checksums-Sha256: 38e814695f19059180f7511badc78d3fd798ed98edb6eba093d703b57485e528 3113034 graphicsmagick-dbg_1.3.23-1ubuntu0.6_powerpc.deb 8f24289993e1ced936fa1b202e713356e1a3ae3b03c7f13cff226b5ca9752cf9 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb c6f67d0feb1ad44f89cfd9f2a911165ab35bc98efcc16fb21df94e4fcd3d9896 591212 graphicsmagick_1.3.23-1ubuntu0.6_powerpc.deb f573c2a1f863d72b802b8a2812e65cda3764d6a2b1f36874c81b0915085ea92b 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 7a45b86e24e0ba5b6d3c6387382058d1e23c880ed90a51bdca1e52f2ffb38623 47186 libgraphics-magick-perl_1.3.23-1ubuntu0.6_powerpc.deb 1f120afbf9db74429acdaf1b09a61231d901eb1e37d7855b8c2c17728742eca6 1256 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 915de8a79f184ea23f83a698b68c08ff9fe72e08e72111b1fac8158474d28e16 102914 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_powerpc.deb 15a570fc4ad8f930c9524daf6141a8224bdf3842fa7535d1e6c29ad1b2a942dd 1268 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 855f7675806658b54ebc29b1737139701b7df48ca65dd1058146516cb0a0ef10 265558 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_powerpc.deb d91ff763a36310ad42ca64382a8e772aec72af3b809dae0504c66fb3727b991c 1246 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 1ed306dbd9f4fe8a17ce56b71b6a1070823a5a32593356de4bd7202ca6b97631 951076 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_powerpc.deb 9348b80e5323045a08930dc51fc32fc95cb2606deb24f5cf34bcf73ee2146432 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 1d502e05b3487d35aeedebe11ac892e1553db429ba43a031a3332fb80038c487 1221370 libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_powerpc.deb Files: 0e2cea2f75ebfa00b80119d215608d91 3113034 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.6_powerpc.deb e6f1ecc86241cb2f4aa33b5dd42e7631 1292 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 9c69dff41b1a328a51c4326ab830e1a6 591212 graphics optional graphicsmagick_1.3.23-1ubuntu0.6_powerpc.deb 6202188331c0af9e33af2345aa9e3a72 1288 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb 976d9372551674457a5d1b7c1e6ed8c4 47186 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.6_powerpc.deb f576bcd949b94a1b3d51ebe03b0ba509 1256 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb c2cb588124a97939c999b7d83abfa30c 102914 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_powerpc.deb a5841d6a3682a965088c4d4330f5ff1e 1268 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb e497be49ea3e57253b81e46d83c4fce2 265558 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_powerpc.deb e569762f7562c69609f63d4d669bb20b 1246 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb cfbbf6475796e1ca5e6eed3d6dd66838 951076 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_powerpc.deb cb8d566a10446dff0440c0caf78839f4 1258 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_powerpc.ddeb d4ad7efea3f1a9567e4811ae729e5f3d 1221370 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_powerpc.deb Original-Maintainer: Laszlo Boszormenyi (GCS)