Debian
imagemagick package

imagemagick 8:6.8.9.9-4 source package in Debian

Changelog

imagemagick (8:6.8.9.9-4) unstable; urgency=high


  * Fix a few security bugs (Closes: #773834):
  - Avoid a DOS in vision.c due to an infinite loop.
  - Avoid a SEGV due to a corrupted pnm file.
  - Do not leak fd due to corrupted file.
  - Fix a double free in pdb coder.
  - Fix a SEGV due to corrupted dpc and xwd images.
  - Fix a SEGV in dpx file handler.
  - Fix a SEGV in malformed xwd file handler.
  - Avoid a NULL pointer dereference in ps file handling.
  - Fix a crash with corrupted viff file.
  - Fix a NULL pointer dereference in wpg file handling.
  - Do not continue on corrupted wpg file.
  - Avoid an out of bound access in viff image.
  - Avoid a heap buffer overflow in pdb file handling.
  - Avoid an out of bound acess on malformed sun file.
  - Avoid heap overflow in palm, pnm and xpm files.
  - Fix heap overflow in quantum, palm and psd file.
  - Fix handling of corrupted of psd, sun and xpm file.
  - Fix corrupted (too many colors) psd file.
  - Fix an out of bound acess in sun file.
  - Fix handling of corrupted sun and wpg file.
  - Fix heap overflow in pcx file, psd, pict and wpf files
    and DOS in xpm files.
  - Add additional PNM sanity checks.
  - Avoid a crash to out of memory in magick/cache.c
  - Fix a theorical out of bound access in magick/colormap-private.h
  - Fix an out of bound access in palm file.
  - Fixed throwing of exceptions in psd handling and fix a memory leak.
  - Fixed boundary checks in DecodePSDPixels.
  - Fix another out of bound problem in rle file.
  - Fix crash due to corrupted dib file.
  - Added checks to prevent overflow in rle file.
  - Impose a limit of 10 million columns or rows in an input PNG
  - Don't try to handle a "previous" image in the JNG decoder.
  - Avoid a memory leak in quantum management.
  - Avoid a crash in png coder.
  - Thread limit should be at least 1 in order to be efficient.
  - In psd file handling fixed parsing resource block and
    avoid a crash.
  - In cache fix usage of object after it has been destroyed.
  - Avoid a memory leak in rle file handling.
  - During identification of image do not fill memory

 -- Bastien Roucariès <email address hidden>  Tue, 23 Dec 2014 22:02:08 +0100

Upload details

Uploaded by:
ImageMagick Packaging Team
Uploaded to:
Sid
Original maintainer:
ImageMagick Packaging Team
Architectures:
any all
Section:
graphics
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
imagemagick_6.8.9.9-4.dsc 3.8 KiB dc5dca3bf57f2d0c473e5742fdb038156ae2a02168e19b2897db1863c5bb27fc
imagemagick_6.8.9.9.orig.tar.xz 7.5 MiB a4cccc70179ff2c67550e063cdcb2e62907338ef3e68b45bb1c41931e515b3eb
imagemagick_6.8.9.9-4.debian.tar.xz 197.6 KiB 41f939fe631107d51b8bb086b8ef9c5e0def6ee6a74728e0f8858b3d6cdcfb2a

Available diffs

No changes file available.

Binary packages built by this source