-
imagemagick (8:6.7.7.10-5+deb7u4) wheezy-security; urgency=high
* Null pointer access in magick/constitute.c (closes: #811308)
https://github.com/ImageMagick/ImageMagick/pull/34
0071-Prevent-null-pointer-access-in-magick-constitute.c.patch
* IM 6.9.2 crash with some PNG (closes: #811308, LP: #1492881)
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
0072-Fixed-out-of-bounds-error-in-SpliceImage.patch
* Add fix-overflow-in-icon-parsing.patch to fix an integer overflow
that can lead to a buffer overrun in the icon parsing code.
* Add fix-overflow-in-pict-parsing.patch to fix an integer overflow
that can lead to a double free.
-- Brian May <email address hidden> Sun, 06 Mar 2016 15:43:39 +1100
-
imagemagick (8:6.7.7.10-5+deb7u3) wheezy-security; urgency=high
* Fix three security bugs (Closes: #740250):
- Fix CVE-2014-1958 and CVE-2014-2030, two buffer overflow
in psd file handling.
- Fix CVE-2014-1947 a buffer overflow in log handling.
-- Bastien Roucariès <email address hidden> Sun, 02 Mar 2014 18:23:16 +0100
-
imagemagick (8:6.7.7.10-5+deb7u2) wheezy-security; urgency=high
* Bump version to get on the right side of dak
-- Vincent Fourmond <email address hidden> Sun, 01 Sep 2013 23:18:27 +0200
-
imagemagick (8:6.7.7.10-5) unstable; urgency=high
* Fix three security bug (Closes: #692367):
- Fix a memory leak: after setjmp used variable need to be volatile.
Fix jpeg and png coder.
- Fix a memory leak: in webp handling add a forgotten WebPPictureFree
- Fix another memory leak in case of corrupted image in magick++ read method.
-- Bastien Roucariès <email address hidden> Mon, 05 Nov 2012 13:55:44 +0100
-
imagemagick (8:6.7.7.10-4) unstable; urgency=high
* Security Bug fix: "Fails an assertion due to OpenMP related problem",
thanks to Willi Mann (Closes: #685903).
-- Bastien Roucariès <email address hidden> Mon, 27 Aug 2012 11:50:22 +0200
-
imagemagick (8:6.7.7.10-3) unstable; urgency=high
* Bug fix: "CVE-2012-3437", ImageMagick: Magick_png_malloc() size
argument thanks to Moritz Muehlenhoff (Closes: #683285).
-- Bastien Roucariès <email address hidden> Mon, 30 Jul 2012 22:47:47 +0200
-
imagemagick (8:6.7.7.10-2) unstable; urgency=low
* Really solve the upgrade problem (Closes: #679188, #679063).
* Build-depend on debhelper >= 9~
-- Vincent Fourmond <email address hidden> Fri, 29 Jun 2012 23:18:39 +0200
-
imagemagick (8:6.7.7.2-1) unstable; urgency=low
[ Bastien Roucariès ]
* New upstream version:
- Drop previous patches: merged upstream.
- Bug fix: "identify -verbose reports incorrect Class (correct w/o
-verbose)", thanks to Jason Woofenden (Closes: #656942).
- Bug fix: "conversion to postscript is missing grestore in DisplayImage
definition", thanks to Daniel Kahn Gillmor (Closes: #655762).
* Bug fix: "mailcap still broken (as #589887)", thanks to Felix
Salfelder (Closes: #619667):
- revert bug fix #562959.
- replace display by display.im6
* Bug fix: "Please add imagemagick.desktop", thanks to Sérgio Cipolla
(Closes: #621799).
* Add xz support.
* Bug fix: "Obsolete conffile /etc/ImageMagick/sRGB.icm not cleaned up
on upgrade", thanks to Josh Triplett (Closes: #669964).
[ Vincent Fourmond ]
* Improve the new hook scripts
* Fix (very) minor typo in package description (closes: #675011)
-- Bastien Roucariès <email address hidden> Tue, 29 May 2012 11:23:50 +0200
-
imagemagick (8:6.7.4.0-5) unstable; urgency=high
* Bug fix when converting from pdf to png, thanks to Thomas
Preud'homme (Closes: #668214).
* Provides: libmagickcore-extra in order to avoid broken depends. Thanks
to Julien Cristau (closes: #667826). Urgency high to make sure the
FTBS-inducing bug is closed fast...
-- Bastien Roucariès <email address hidden> Mon, 16 Apr 2012 11:18:10 +0200
-
imagemagick (8:6.7.4.0-4) unstable; urgency=high
* Fix CVE-2012-0259 / CVE-2012-0260 / CVE-2012-1798 /
CVE-2012-1610 (Closes: #667635)
- Vulnerability CVE-2012-0259 can cause a DoS in a system
via handing JPEG files with invalid EXIF XResolution tag.
- Vulnerability CVE-2012-0260 can lead to excessive use of
memory in target system, when processing a malicious JPEG file.
Excessive use of memory can lead to denial of service.
- Vulnerability CVE-2012-1798 can cause program to crash when
reading invalid memory, while parsing EXIF IFD in a TIFF file.
- Vulnerability CVE-2012-1610 Fix a Potential EXIF Integer Overflow
* Fix menu file to run display.im6 instead of display (fix lintian warning)
-- Bastien Roucariès <email address hidden> Tue, 10 Apr 2012 17:24:02 +0200
-
imagemagick (8:6.6.9.7-7) unstable; urgency=high
* Fix "Invalid validation DoS CVE-2012-1185 / CVE-2012-1186"
(Closes: #665007)
* Bumping urgency to high to fix open security issue in testing
-- Bastien Roucariès <email address hidden> Tue, 27 Mar 2012 16:47:41 +0200
-
imagemagick (8:6.6.9.7-6) unstable; urgency=high
* Security bug fix: "Invalid validation DoS
CVE-2012-0247/CVE-2012-02478", thanks to Henri Salo (Closes: #659339).
* Bumping urgency to high to fix open security issue in testing
* Apply patch from revision r6606 to fix compilation with newer zlib.
-- Vincent Fourmond <email address hidden> Wed, 22 Feb 2012 23:08:56 +0100
-
imagemagick (8:6.6.9.7-5) unstable; urgency=low
* Replace a overlapped memcopy by a memmove * Fix a PNG reduction bug "Corrupted (?) icons", thanks to Torbjörn Andersson <email address hidden> (Closes: #630619). * Fix parallel build issue. Make debian/rules install target depend on check. Thanks Colin Watson <email address hidden> (Closes: #593041). -- Bastien Roucariès <email address hidden> Thu, 16 Jun 2011 00:18:36 +0200
-
imagemagick (8:6.6.0.4-3) unstable; urgency=medium
* Apply fix for reading config files from current directory, found by
Jakub Wilk <email address hidden> (Closes: #601824).
Thanks to Andreas Metzler <email address hidden> for the nicely
formatted patch.
-- Nelson A. de Oliveira <email address hidden> Tue, 16 Nov 2010 10:53:04 -0200
