Format: 1.8 Date: Mon, 03 Feb 2020 16:47:01 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: s390x Version: 1.3.23-1ubuntu0.6 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.6) xenial-security; urgency=medium . * SECURITY UPDATE: Heap-based buffer over-read in ReadNewsProfile() - debian/patches/CVE-2017-17912.patch: ReadNewsProfile() was allowing reading heap data beyond the allocated size. - CVE-2017-17912 * SECURITY UPDATE: Stack-based buffer over-read in WriteWEBPImage() - debian/patches/CVE-2017-17913-1.patch: Add some assertions to verify that the image pointer provided by libwebp is valid. - debian/patches/CVE-2017-17913-2.patch: Fix stack overflow with libwebp 0.5.0+ by disabling progress indication. - CVE-2017-17913 * SECURITY UPDATE: Heap-based buffer over-read in ReadMNGImage() - debian/patches/CVE-2017-17915.patch: Check range limit before accessing byte to avoid minor heap read overflow. - CVE-2017-17915 * SECURITY UPDATE: Allocation failure in ReadOnePNGImage() - debian/patches/CVE-2017-18219.patch: check MemoryResource before attempting to allocate ping_pixels array. - CVE-2017-18219 * SECURITY UPDATE: Allocation failure in ReadTIFFImage() - debian/patches/CVE-2017-18229.patch: Rationalize scanline, strip, and tile memory allocation requests based on file size. - CVE-2017-18229 * SECURITY UPDATE: Null pointer dereference in ReadCINEONImage() - debian/patches/CVE-2017-18230.patch: Validate scandata allocation. - CVE-2017-18230 * SECURITY UPDATE: Null pointer dereference in ReadEnhMetaFile() - debian/patches/CVE-2017-18231.patch: Verify pBits memory allocation. - CVE-2017-18231 Checksums-Sha1: c134a2790d0bc7832976406d61b713fb169eb5de 3122974 graphicsmagick-dbg_1.3.23-1ubuntu0.6_s390x.deb 81d6331956707ad95e4557849cc9b0c79ad4a434 1294 graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 502faf671aa1c1c4d30d889da12da651b2bb1bb1 591640 graphicsmagick_1.3.23-1ubuntu0.6_s390x.deb c80ebdbc234e4553c0b8f498278c1baba429f4de 1290 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 5adfb93ca69616dbb0766b7823d8646a4a2521fc 48774 libgraphics-magick-perl_1.3.23-1ubuntu0.6_s390x.deb 02a82dfedf83357a49052e5ac19297472e210971 1254 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 6e6eae25e63f406139aac5f168e8b2435a4e1411 98588 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_s390x.deb 4ea214982636a101dd17765a1bde9b56da7b2383 1268 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb d1d485c5a01e553577b6385590d4f9dfb72008fa 263908 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_s390x.deb b438cdd76154d60a38bfebb4ed60e2a90860e277 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 922c263b2f748051c72d3c609657392f2bbc2350 1001536 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_s390x.deb 98c5d95b84d26f997e8cbecc970bb727521a8d4f 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 64f3dd0a1bce2c88bbba64b0b15ed59f2537fcf8 1256636 libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_s390x.deb Checksums-Sha256: 671c10b367c24ea8c10c6c4e587421a5b2802e293553ef5f7700f17c04da6f06 3122974 graphicsmagick-dbg_1.3.23-1ubuntu0.6_s390x.deb 6a1975a427825489994903c6b0de7b8c3d847d773c49805cad70537f3724cae3 1294 graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 7f5fb3385eb0770adf8aba4ebc04e6291a2ffeef1b3ec8297138137d24ee7d14 591640 graphicsmagick_1.3.23-1ubuntu0.6_s390x.deb 635d404d5886bbf96d27d56c9c8ec92eb2711d8a93d11706070549c142e02db4 1290 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 330c80689b8fb72f3b1b502282443a708331aa329e7c24d85c7679280bfde4fd 48774 libgraphics-magick-perl_1.3.23-1ubuntu0.6_s390x.deb b0b902d746082e8264f8309ee2714aeb3623d5047ad3abfd763364cca033bdfc 1254 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 01a8fe27d178c3d7318b16447201c49ee236deb9c7ab6f4639971df1db2cbf02 98588 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_s390x.deb 428d4be9979f0ee369b330125f6504cc10e4a8b4f5be56ffd2538c524b98d45f 1268 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 534e2d1932d012b09c2f04dc087ae1ab48857373158429bf1105a48be0cd0ac7 263908 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_s390x.deb 8b0b0f031ddddb60a527260dd2a44150a295ac7cb5c32169e63a3482ecdbafcf 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 948fbf746d4273b677c0bcbfaa0c149b1bf9ecad08e42631fb0a189f7c5b8b66 1001536 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_s390x.deb bf1d53a85a6f1ef9dbac5753c63ac5f6eea510d001fec8751dae22fa2f8daff9 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 4f6b8c5c61b952ecd0c7b3e2a89a184b0ad25173d784d7f82457a130eb6c35b9 1256636 libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_s390x.deb Files: a10d415054c0bba2e5593196e125ce86 3122974 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.6_s390x.deb 1507a36fc9c5558fbe388390db961ac1 1294 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 8f9398c8c39077483db67bfa19de7a3d 591640 graphics optional graphicsmagick_1.3.23-1ubuntu0.6_s390x.deb c627e8dc8923cdc93aa177d531f9f660 1290 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 65268f736bd54db496d978f1b55b4ae5 48774 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.6_s390x.deb 6ed7567fcb2ec289642c0096ec380ada 1254 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 6f10292a45c725dfc2177df433799fed 98588 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_s390x.deb b51e2729ec25f0084bee5ce6924da288 1268 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb 7571d13874fa459a5e8c683eca026bac 263908 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_s390x.deb 722c00726c10e901cc7caa9bc8d66a82 1248 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb e97de281942c23e92841970049ab5e82 1001536 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_s390x.deb 451872b08a6fbfec17ece4e537ede69c 1258 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_s390x.ddeb c34f65687a212c4b9445187a9c63613c 1256636 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_s390x.deb Original-Maintainer: Laszlo Boszormenyi (GCS)