Format: 1.8 Date: Sat, 31 Mar 2018 11:05:51 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: ppc64el Version: 1.3.28-2 Distribution: bionic-proposed Urgency: high Maintainer: Launchpad Build Daemon Changed-By: Laszlo Boszormenyi (GCS) Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Closes: 894396 Changes: graphicsmagick (1.3.28-2) unstable; urgency=high . * Backport security fixes: - don't use rescale map if it was not allocated, - validate number of colormap bits to avoid undefined shift behavior, - defend against partial scanf() expression matching, resulting in benign use of uninitialized data, - don't use rescale map if it was not allocated, - fix tile index overflow, - reject XPM if it contains non-whitespace control characters, - fix forged amount of frames 6755, - validate header length and offset properties, - fixed memory leak when tile overflows, - fix forged amount of frames 7076, - check for forged image that overflows file size, - validate size request prior to allocation, - validate that file size is sufficient for claimed image properties, - fix signed integer overflow when computing pixels size, - include number of FITS scenes in file size validations, - allocate space for null termination and null terminate string, - validate that samples per pixel is in valid range, - check whether datablock is really read, - verify that sufficient backing data exists before allocating memory to read it, - duplicate image check for data with fixed geometry, - CVE-2018-9018: avoid divide-by-zero if delay or timeout properties changed while ticks_per_second is zero (closes: #894396), - add checks for EOF, - validate that PICT rectangles do not have zero dimensions, - check image pixel limits before allocating memory for tile. * Backport patch to redesign ReadBlobDwordLSB() to be more effective. * Backport patch to destroy tile_image in ThrowPICTReaderException() macro to simplify logic. * Backport patch to remove shadowed tile_image variable which defeats new ThrowPICTReaderException() implementation. Checksums-Sha1: ae99c1f269c661995175f6fc9489fd1b873036e5 3408340 graphicsmagick-dbg_1.3.28-2_ppc64el.deb 7d1b7d2e31587b6b0f3aa6ac10154532a1cf747f 10807 graphicsmagick_1.3.28-2_ppc64el.buildinfo b542cbb3568ea1ec832e2ad778655dbb341cdd4c 634112 graphicsmagick_1.3.28-2_ppc64el.deb 599f3ea6ee8570a2c78b909891f44bd92236a3c2 51452 libgraphics-magick-perl_1.3.28-2_ppc64el.deb 43289d2e26bee1c2af1bcfe72bd2176a66fd4632 106796 libgraphicsmagick++-q16-12_1.3.28-2_ppc64el.deb 964cf9318f60c8ed145743e8a96943c847becbe6 278268 libgraphicsmagick++1-dev_1.3.28-2_ppc64el.deb e756abc9fe6a87b648bf523c6f97ea789ca58a0e 1012392 libgraphicsmagick-q16-3_1.3.28-2_ppc64el.deb da6d309e7c7ebd67b2a9af17ca82501ab7002d9f 1306184 libgraphicsmagick1-dev_1.3.28-2_ppc64el.deb Checksums-Sha256: f600226c7b86b571cb85ecaacd0fe67a3572bbdcf1cc4405b08a9774d4fdc7e0 3408340 graphicsmagick-dbg_1.3.28-2_ppc64el.deb 0a3adee78decbcdcd4cfbe9b666bc107153a0c01c4dd2cc042039d53dc48db6a 10807 graphicsmagick_1.3.28-2_ppc64el.buildinfo 473fd82234bca06e9df9bc231569c779f371147454fd9e5cb7dd1d9eece102aa 634112 graphicsmagick_1.3.28-2_ppc64el.deb 9d1160d62aa3b25d642009c393efaf0e2b0c0f317e2232eb528081164bc1824f 51452 libgraphics-magick-perl_1.3.28-2_ppc64el.deb 8bac9628a7318f8698828f43d6b79ae701e3ce9818134c821d10129d60c53ec8 106796 libgraphicsmagick++-q16-12_1.3.28-2_ppc64el.deb f09a326e64483cbb8c299554a462aeb4e04f6a75b31f85257aa5e752fe1e4502 278268 libgraphicsmagick++1-dev_1.3.28-2_ppc64el.deb 44b2f1018fff22d27250ffb06613da5e6b63478abc169a1ae4aa8e94d3dff53a 1012392 libgraphicsmagick-q16-3_1.3.28-2_ppc64el.deb 05871d19a315b722268f9fd50da03301234d1a0e8e56b9c9e7c58bbd387a3a3f 1306184 libgraphicsmagick1-dev_1.3.28-2_ppc64el.deb Files: de677dd01a4a89af7fb86d5bbbaba0b4 3408340 debug optional graphicsmagick-dbg_1.3.28-2_ppc64el.deb ca9c73f5b22e3fd52a7d9189ddc458d2 10807 graphics optional graphicsmagick_1.3.28-2_ppc64el.buildinfo 935b43ffaa0b5e55e6b8d11774c851f5 634112 graphics optional graphicsmagick_1.3.28-2_ppc64el.deb edef343226a3a9618012ceea851c7cf2 51452 perl optional libgraphics-magick-perl_1.3.28-2_ppc64el.deb a597c34400d81e12d22eacb943f409ab 106796 libs optional libgraphicsmagick++-q16-12_1.3.28-2_ppc64el.deb 5b6a07280466aec8f14b84f2f9d0a848 278268 libdevel optional libgraphicsmagick++1-dev_1.3.28-2_ppc64el.deb a1fb8d6f61abe32b52976998cee816d7 1012392 libs optional libgraphicsmagick-q16-3_1.3.28-2_ppc64el.deb 300979247b1c3fd86a4a140dac2cb126 1306184 libdevel optional libgraphicsmagick1-dev_1.3.28-2_ppc64el.deb