Format: 1.8 Date: Thu, 28 Nov 2019 11:36:23 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: ppc64el Version: 1.3.23-1ubuntu0.2 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.2) xenial-security; urgency=medium . * SECURITY UPDATE: Allocation failure vulnerability - debian/patches/CVE-2017-13147.patch: deal with too-large MNG chunks in coders/png.c - CVE-2017-13147 * SECURITY UPDATE: Allocation failure vulnerability - debian/patches/CVE-2017-14042.patch: PNM for binary formats, verify sufficient backing file data before memory request. - CVE-2017-14042 * SECURITY UPDATE: DoS (out-of-bounds read and crash) via a small samples per pixel value in a CMYKA TIFF file. - debian/patches/CVE-2017-6335.patch: Fix out of bounds access when reading CMYKA tiff which claims wrong samples/pixel. - CVE-2017-6335 * SECURITY UPDATE: Buffer overflow while processing an RGB TIFF picture with metadata. - debian/patches/CVE-2017-10794.patch: Use a generalized method to enforce that buffer overflow can not happen while importing pixels. - CVE-2017-10794 * SECURITY UPDATE: DoS (out-of-memory) when processing a DPX image with metadata. - debian/patches/CVE-2017-10799.patch: Estimate minimum required file sized based on header, and reject files with insufficient data. - CVE-2017-10799 * SECURITY UPDATE: DoS (crash) while reading a JNG file via a zero-length color_image data structure. - debian/patches/CVE-2017-11102.patch: Stop crash due to zero-length color_image while reading a JNG. - CVE-2017-11102 * SECURITY UPDATE: DoS (resource consumption) via a crafted JPEG file. - debian/patches/CVE-2017-11140.patch: Defer creating pixel cache until first scanline. - CVE-2017-11140 * SECURITY UPDATE: Use-after-free via a crafted MNG file. - debian/patches/CVE-2017-11403-1.patch: Fix out-of-order CloseBlob() and DestroyImageList() that caused a use-after-free crash. - debian/patches/CVE-2017-11403-2.patch: Improve fix of use-after-free. - CVE-2017-11403 * SECURITY UPDATE: Heap overflow when processing multiple frames that have non-identical widths. - debian/patches/CVE-2017-11636.patch: Fixed heap overflow with multiple frames with varying widths. - CVE-2017-11636 * SECURITY UPDATE: NULL pointer deference in the WritePCLImage() function. - debian/patches/CVE-2017-11637.patch: Fix null pointer dereference in writing monochrome images. - CVE-2017-11637 Checksums-Sha1: d17d8f4be9885891c71bd568b794ada536094841 3095442 graphicsmagick-dbg_1.3.23-1ubuntu0.2_ppc64el.deb a86133d4aa61eda3b5a74c9e94fbaf59e24f751b 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb f59992ac52485153c5e6a8066d34abb73e90f0a6 591960 graphicsmagick_1.3.23-1ubuntu0.2_ppc64el.deb ce955a62e20121221fefc5eea312eca08186a491 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 33c7663a3c6bc8a03fe33a269c4f7f98a150ce25 49420 libgraphics-magick-perl_1.3.23-1ubuntu0.2_ppc64el.deb 12fe677bae105deea674b0e56267385ac3d32bd2 1258 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 6a1c3d393172c80c7960c1df70f29c92fe35eb8d 104930 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.2_ppc64el.deb d14ef418e623845abd1de1552d7b9d4f961b7914 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb cdd7705febc1b2d473b5bda99cd35c3ff34bbdfc 275126 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.2_ppc64el.deb 55c1e236dee6099029dfe8c813c725df852ad144 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb f784f36232b4a70773ac604cef128895cc9cc812 957770 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.2_ppc64el.deb 4634add0243a70ce3162cb7705d929e179eac999 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb ad84d03c12514746a231ed604690309f300cbaab 1240278 libgraphicsmagick1-dev_1.3.23-1ubuntu0.2_ppc64el.deb Checksums-Sha256: ae03494c3b42416efe6897b6bd1d3597a9e975a1f3f36fa291c4f1b42b179cde 3095442 graphicsmagick-dbg_1.3.23-1ubuntu0.2_ppc64el.deb 133e3ab89b53941eb3473706a5b35bd5ab51723ce8de310367d3c3691134fa1c 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 797121ff7e349642cbde87ae5540e1f8dfa5a544c28fd35287dda133df9e8ddd 591960 graphicsmagick_1.3.23-1ubuntu0.2_ppc64el.deb d238281199f8ce0f99649f2a74a945272b15aff2b16310838a128b2da91dbfb4 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb ad959e7f69b6cef09f263c383914ad77be181653969b2dbe1a861db628328eac 49420 libgraphics-magick-perl_1.3.23-1ubuntu0.2_ppc64el.deb 6cfcfabe8eee1aed04859d52195e211a210fc8577642f0bfceeeb66fc5f2230f 1258 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 754fbeb05e02cfba0c87dac7d051c5b415e3b729d7fe86b732694d588a66d0a9 104930 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.2_ppc64el.deb 71712eea48e24f38bb19a9a59ff4e13654a6854bdbfd6db9145f53979e3eb7c6 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb bc4996cce47fe9985a4f025e5fb67554d94a6d602b3cf8462c6478e88e1f1b77 275126 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.2_ppc64el.deb e20c3d0bfa234d753830a9273941a50078a937fe8b2c304d4d3c739290e226b6 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb b0160053a4f7d596043990eaa3b8120b1c925a33385956d035cff9fd49838530 957770 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.2_ppc64el.deb 22ea6698d8dd677d4ba1289bba1f393f648a55a47f581cbd7c74e8e455079f1f 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 762dcd30e2aec42424ca0e9d026a8f44ffd8c77254c4e46bc6cdc9169f73bff2 1240278 libgraphicsmagick1-dev_1.3.23-1ubuntu0.2_ppc64el.deb Files: c1af1f405b94912032df825daf583d52 3095442 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.2_ppc64el.deb 0c3393ef782f8f08e6e194449d9002d6 1292 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 23c88c68da52a2d066a50e95571fa498 591960 graphics optional graphicsmagick_1.3.23-1ubuntu0.2_ppc64el.deb e3d6fddc68fd429d2fb022d1c457dfd3 1288 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 2aee3fcdf8aa93d918330e5996d47272 49420 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.2_ppc64el.deb 566c44867bab0bf7b2c9d1531fdb7be2 1258 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 2a7ac2fc90043b91df544edc128cf3c0 104930 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.2_ppc64el.deb 8a5ce8f35bfe04e14fe53602e6af0611 1266 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 1a2cad905c7d963467a02bf952b2db70 275126 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.2_ppc64el.deb 73f40548ddd3c82783b097edb766748c 1248 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb a2b0bd7a092fe206d170c252bb9ea515 957770 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.2_ppc64el.deb 9fcc768ca56712f57c084a340581c5ed 1258 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.2_ppc64el.ddeb 70b837d670a10ef4196cadb734bbd34d 1240278 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.2_ppc64el.deb Original-Maintainer: Laszlo Boszormenyi (GCS)