Format: 1.8
Date: Tue, 16 Oct 2018 05:31:05 +0000
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source
Version: 1.3.30+hg15796-1+ubuntu18.04.1+deb.sury.org+2
Distribution: bionic
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS)
Changed-By: Ondřej Surý
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick-q16-3 - format-independent image processing - C shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
Changes:
 graphicsmagick (1.3.30+hg15796-1+ubuntu18.04.1+deb.sury.org+2) bionic; urgency=medium
 .
   * No-change backport to bionic
 .
 graphicsmagick (1.3.30+hg15796-1) unstable; urgency=high
 .
   * Mercurial snapshot, fixing the following security issues:
     - WEBP: Fix compiler warnings regarding uninitialized structure members,
     - ReadJPEGImage(): Allow libjpeg to use 1/5th of the total memory limit,
     - ReadJPEGImage(): Make sure that JPEG pixels array is initialized in
       case libjpeg fails to completely initialize it,
     - WriteOnePNGImage(): Free png_pixels as soon as possible,
     - ReadMIFFImage(): Detect EOF when reading using ReadBlobZC() and avoid
       subsequent heap read overflow,
     - ReadMVGImage(): Don't assume that in-memory MVG blob is a
       null-terminated C string,
     - ReadMVGImage(): Don't allow MVG files to side-load a file as the
       drawing primitive using '@' syntax,
     - FileToBlob(): Use confirm access APIs to verify that read access is
       allowed, and verify that file is a regular file,
     - ExtractTokensBetweenPushPop() needs to always return a valid pointer
       into the primitive string,
     - DrawPolygonPrimitive(): Fix leak of polygon set when object is
       completely outside image,
     - SetNexus(): For requests one pixel tall, SetNexus() was wrongly using
       pixels in-core rather than using a staging area for the case where the
       nexus rows extend beyond the image raster boundary,
     - ReadCINEONImage(): Quit immediately on EOF and detect short files,
     - ReadMVGImage(): Fix memory leak,
     - Add mechanism to approve embedded subformats in WPG,
     - ReadXBMImage(): Add validations for row and column dimensions,
     - MAT InsertComplexFloatRow(): Avoid signed overflow,
     - InsertComplexFloatRow(): Try not to lose the previous intention while
       avoiding signed overflow,
     - XBMInteger(): Limit the number of hex digits parsed to avoid signed
       integer overflow,
     - MAT: More aggressive data corruption checking,
     - MAT: Correctly check GetBlobSize(image) even for zipstreams inside
       blob,
     - MAT: Explicitly reject non-seekable streams,
     - DrawImage(): Add missing error-reporting logic to return immediately
       upon memory reallocation failure. Apply memory resource limits to
       PrimitiveInfo array allocation,
     - MagickAtoFChk(): Add additional validation checks for floating point
       values. NAN and +/- INFINITY values also map to 0.0,
     - ReadMPCImage()/ReadMIFFImage(): Insist that the format be identified
       prior to any comment, and that there is only one comment,
     - ConvertPrimitiveToPath(): Enlarge PathInfo array allocation to avoid
       possible heap write overflow,
     - WPG: Fix intentional 64 bit file offset overflow,
     - DrawImage(): Be more precise about error detection and reporting,
     - TranslateTextEx(): Fix off-by-one in loop bounds check which allowed
       a one-byte stack write overflow,
     - DrawImage(): Fix excessive memory consumption due to
       SetImageAttribute() appending values,
     - QuantumTransferMode(): CIE Log images with an alpha channel are not
       supported,
     - ConvertPrimitiveToPath(): Second attempt to prevent heap write
       overflow of PathInfo array,
     - ExtractTileJPG(): Enforce that JPEG tiles are read by the JPEG coder,
     - MIFF and MPC, need to avoid leaking value allocation (day-old bug),
     - ReadSFWImage(): Enforce that file is read using the JPEG reader,
     - FindEXIFAttribute()/GenerateEXIFAttribute(): Change size types from
       signed to unsigned and check for unsigned overflow,
     - GenerateEXIFAttribute(): Eliminate undefined shift,
     - TraceEllipse(): Detect arithmetic overflow when computing the number
       of points to allocate for an ellipse,
     - ReadMNGImage(): mng_LOOP chunk must be at least 5 bytes long,
     - ReadJPEGImage(): Apply a default limit of 100 progressive scans
       before the reader quits with an error.
   * Update library symbols for this release.
 .
 graphicsmagick (1.3.30-1) unstable; urgency=high
 .
   * New upstream release, including many security fixes.
   * Build with all hardening enabled.
 .
 graphicsmagick (1.3.29+hg15665-1) unstable; urgency=high
 .
   * Mercurial snapshot, fixing the following security issues:
     - use of uninitialized value in IsMonochromeImage(),
     - divide by zero in GetPixelOpacity(),
     - write beyond array bounds in TraceStrokePolygon(),
     - use of uninitialized value in format8BIM(),
     - assertion failure in WriteBlob(),
     - out of bounds write in TraceEllipse(),
     - memory leak and use of uninitialized memory when handling eXIf chunk
       in png_malloc(),
     - floating point exception in WriteTIFFImage(),
     - leak of Image when TIFFReadRGBAImage() reports failure,
     - potential leak when compressed object is corrupted,
     - floating point exception in WriteTIFFImage(),
     - heap double free in Magick::BlobRef::~BlobRef(),
     - direct leak in TIFFClientOpen(),
     - indirect leak in CloneImage(),
     - direct leak in ReadOneJNGImage(),
     - heap buffer overflow in put1bitbwtile(),
     - use of uninitialized value in SyncImageCallBack(),
     - validate tile memory requests for TIFFReadRGBATile().
   * Remove profiles/sRGB Color Space Profile.ICM and
     jp2/data/colorprofiles/srgb.icm for being non-free.
   * Remove zlib/contrib/dotzlib/DotZLib.chm for no source available.
 .
 graphicsmagick (1.3.29-1) unstable; urgency=high
 .
   * New upstream release, including many security fixes.
   * Remove previously backported security patches.
   * Update library symbols for this release.
   * Update debhelper level to 11.
   * Update Standards-Version to 4.1.4.