Format: 1.8 Date: Thu, 28 Nov 2019 11:36:23 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: s390x Version: 1.3.23-1ubuntu0.2 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.2) xenial-security; urgency=medium . * SECURITY UPDATE: Allocation failure vulnerability - debian/patches/CVE-2017-13147.patch: deal with too-large MNG chunks in coders/png.c - CVE-2017-13147 * SECURITY UPDATE: Allocation failure vulnerability - debian/patches/CVE-2017-14042.patch: PNM for binary formats, verify sufficient backing file data before memory request. - CVE-2017-14042 * SECURITY UPDATE: DoS (out-of-bounds read and crash) via a small samples per pixel value in a CMYKA TIFF file. - debian/patches/CVE-2017-6335.patch: Fix out of bounds access when reading CMYKA tiff which claims wrong samples/pixel. - CVE-2017-6335 * SECURITY UPDATE: Buffer overflow while processing an RGB TIFF picture with metadata. - debian/patches/CVE-2017-10794.patch: Use a generalized method to enforce that buffer overflow can not happen while importing pixels. - CVE-2017-10794 * SECURITY UPDATE: DoS (out-of-memory) when processing a DPX image with metadata. - debian/patches/CVE-2017-10799.patch: Estimate minimum required file sized based on header, and reject files with insufficient data. - CVE-2017-10799 * SECURITY UPDATE: DoS (crash) while reading a JNG file via a zero-length color_image data structure. - debian/patches/CVE-2017-11102.patch: Stop crash due to zero-length color_image while reading a JNG. - CVE-2017-11102 * SECURITY UPDATE: DoS (resource consumption) via a crafted JPEG file. - debian/patches/CVE-2017-11140.patch: Defer creating pixel cache until first scanline. - CVE-2017-11140 * SECURITY UPDATE: Use-after-free via a crafted MNG file. - debian/patches/CVE-2017-11403-1.patch: Fix out-of-order CloseBlob() and DestroyImageList() that caused a use-after-free crash. - debian/patches/CVE-2017-11403-2.patch: Improve fix of use-after-free. - CVE-2017-11403 * SECURITY UPDATE: Heap overflow when processing multiple frames that have non-identical widths. - debian/patches/CVE-2017-11636.patch: Fixed heap overflow with multiple frames with varying widths. - CVE-2017-11636 * SECURITY UPDATE: NULL pointer deference in the WritePCLImage() function. - debian/patches/CVE-2017-11637.patch: Fix null pointer dereference in writing monochrome images. - CVE-2017-11637 Checksums-Sha1: 2ad891be0b9d090200d3d8c664b5e58d4a942700 3118718 graphicsmagick-dbg_1.3.23-1ubuntu0.2_s390x.deb f4ab8d931594d20a3620e5a0b2ebfdc3aa70a005 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb b85a1ef8a4285c328c91798b6ee61668ef326f54 589444 graphicsmagick_1.3.23-1ubuntu0.2_s390x.deb 0be6d22b1f9647aefb5d23699a265485a0594678 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb b29b5b9eaf2b4012d36a6bd7ae2b064f4839dda9 48750 libgraphics-magick-perl_1.3.23-1ubuntu0.2_s390x.deb af038a9cb9099c26db1c97109b2c078b7a6b8c42 1254 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 565e2fb4cf0c078f9351d179c02115108120ed4e 99218 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.2_s390x.deb 00dc6544aa59d4aca592711ac092ff4238beb857 1264 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 8d736581b1434a107b4012d4f8a1d354335129aa 263224 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.2_s390x.deb 030e3196f2224c77fc02e0b8c9782e0ddf97c1ab 1250 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 90bcddc85a42cd8a65f3245142cf882b363af09e 999094 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.2_s390x.deb c6a06a926b57bdb866bea4e3b064649f955a8c3a 1256 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 5fc42616b2bbfc8354ad4418d2106d35565f3387 1251614 libgraphicsmagick1-dev_1.3.23-1ubuntu0.2_s390x.deb Checksums-Sha256: def76495961076a69f3cb54b337e8fe5c61b7cc647ba259a9a439a2f76739f78 3118718 graphicsmagick-dbg_1.3.23-1ubuntu0.2_s390x.deb d2dcad5bbe59c34530c8b9bdcf971d2c00be25a5a56fb9d417bbc7318b5d4842 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 8663f1787d22ea599f57457282a702ed6aefa29e4eedb69684fbfe7683a0dd96 589444 graphicsmagick_1.3.23-1ubuntu0.2_s390x.deb 0bd94ae34e0d086dd9c5dc8f29f83f7e87950393754064755402cb4692207c91 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 1f1b77a9de556290d61e900caf59ac776a2c15c422cfc278558ce12364130392 48750 libgraphics-magick-perl_1.3.23-1ubuntu0.2_s390x.deb ad8138b58c9091dc3ad7acc269b28b691512dca94d916b622e99e2f6933b989b 1254 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 2414ca52712f8d433637fb8c38809e9ca825e5081e6225dbd458ccffed331bdb 99218 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.2_s390x.deb 602415e3b4c1025abcff73e5d472751dc189cb8017d7d7884818e72c9cb689fb 1264 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 09242b33f9709547f4658eaee186c3a2b602291de91946d26111a963ab7499b9 263224 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.2_s390x.deb afab4bd837df812fcbb54e119f4807f06299e471bd756b1d7313f838bd793c84 1250 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 742f4516d9c436993bb8efadf58bde5c8c2ed5f09dd6a17851b69df764e11eec 999094 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.2_s390x.deb df82f80a4ede82dc5c859889e796d6ca8847290dea0f6736f73cf8df6a974ffb 1256 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 20d8b5f2e8cea24efc210d9a691d3aa4ac5292d35718c2636d34a98ee9c0f1ba 1251614 libgraphicsmagick1-dev_1.3.23-1ubuntu0.2_s390x.deb Files: 76029e061b7779df96c74ce0372a55ea 3118718 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.2_s390x.deb 614c306eb3f6fb3f2a1aa47f64f56ef2 1292 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb cc5e0f34135d373e0d2d448a84352d5b 589444 graphics optional graphicsmagick_1.3.23-1ubuntu0.2_s390x.deb b40df2c899ed0e169133b9b2b086adab 1288 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb b6726b9e7374b480674936c0a3cc53ca 48750 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.2_s390x.deb 8f6a696903d28e80d7e557c52604d43c 1254 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 28818c3d253782eb8fc66ea7afc55045 99218 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.2_s390x.deb 26f595a849390dc07b6d7d925cb0302a 1264 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 352c5832b18813af117b009a29837d47 263224 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.2_s390x.deb e572a17286c500c4e83d09c506912241 1250 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb ab8a78635720d4b00d569c9194a96ab2 999094 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.2_s390x.deb 37e0b77a7dd776a4d318980a94e3c09c 1256 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.2_s390x.ddeb 06550ce5f4a0e63544d3beb167c11122 1251614 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.2_s390x.deb Original-Maintainer: Laszlo Boszormenyi (GCS)