Format: 1.8 Date: Tue, 21 Jan 2020 14:15:33 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: armhf Version: 1.3.23-1ubuntu0.5 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium . * SECURITY UPDATE: DoS in ReadWPGImage() - debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a PseudoClass type with valid colormapped indexes. - CVE-2017-16545 * SECURITY UPDATE: DoS (negative strncpy) in DrawImage() - debian/patches/CVE-2017-16547.patch: Fix pointer computation which leads to large strncpy size request and bad array index. - CVE-2017-16547 * SECURITY UPDATE: Heap-based buffer overflow in coders/wpg.c - debian/patches/CVE-2017-16669-1.patch: Do not call SyncImagePixels() when something fails. - debian/patches/CVE-2017-16669-2.patch: Wrong row count checking. - debian/patches/CVE-2017-16669-3.patch: Detect pending use of null indexes pointer due to programming error and report it. - debian/patches/CVE-2017-16669-4.patch: Fix crash which image fails to produce expected PseudoClass indexes. - debian/patches/CVE-2017-16669-5.patch: Check for InsertRow() return value. - debian/patches/CVE-2017-16669-6.patch: Check InsertRow() return value for all calls. - CVE-2017-16669 * SECURITY UPDATE: Heap-based buffer overflow in WritePNMImage() - debian/patches/CVE-2017-17498.patch: Fix buffer overflow when writing gray+alpha 1-bit/sample. - CVE-2017-17498 * SECURITY UPDATE: Heap-based buffer over-read in ReadRGBImage() - debian/patches/CVE-2017-17500.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17500 * SECURITY UPDATE: Heap-based buffer over-read in WriteOnePNGImage() - debian/patches/CVE-2017-17501.patch: Fix heap read overrun while testing pixels for opacity. - CVE-2017-17501 * SECURITY UPDATE: Heap-based buffer over-read in ReadCMYKImage() - debian/patches/CVE-2017-17502.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17502 * SECURITY UPDATE: Heap-based buffer over-read in ReadGRAYImage() - debian/patches/CVE-2017-17503.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17503 * SECURITY UPDATE: Heap-based buffer over-read in ReadOneJNGImage() - debian/patches/CVE-2017-17782.patch: Fix wrong offset into oFFs chunk which caused heap read overflow. - CVE-2017-17782 * SECURITY UPDATE: Buffer over-read in ReadPALMImage() - debian/patches/CVE-2017-17783.patch: Fix heap buffer overflow in Q8 build while initializing color palette. - CVE-2017-17783 Checksums-Sha1: 202545293920a758ed71741d678efd677e369cf7 3006346 graphicsmagick-dbg_1.3.23-1ubuntu0.5_armhf.deb d4301b68cc6fb8074524b757ead2dcafcb7cb6cc 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 6b9e09f2a463f75b93fe914161f4edd4edb0b344 591770 graphicsmagick_1.3.23-1ubuntu0.5_armhf.deb 2c3b8eced8ce0eec952f2ade56d7ac6e3b79fb4d 1292 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 870ce415ec4dffb3f0613a827bd891727f361770 49860 libgraphics-magick-perl_1.3.23-1ubuntu0.5_armhf.deb 0a633e89a00d3113c17b1bec90413629c99b1832 1254 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb bb6ac52e8bef3c199568735afceb7e93e9946f7a 87658 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_armhf.deb a7e8b5c0e063a20eb1e9f00e06b5ef5752c256aa 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 5abb69051c676f22a17d90077b007d7ae6259116 251162 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_armhf.deb 6896deea63ba8b76958f9f896ee3b0226d502872 1250 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 4a75f77cefab6604391ec07ee96853c8af68391f 1008152 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_armhf.deb 84721c3707ad119dd56868d533b1e0d789aa3354 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 039428516911c99b0e416ba71e7cc199dff714d3 1226230 libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_armhf.deb Checksums-Sha256: 719940bcb615eb50529ebb33ff0dda4e8b9c66dd11b489a656b9ff5504b03fbd 3006346 graphicsmagick-dbg_1.3.23-1ubuntu0.5_armhf.deb 7c332ca7510b98b945fc57d7d4622f16fd277b8094874c2b1d1b4aad6e7158e8 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 4725a346a729696884e63bdb489852c666233060e5a3737d8d25daf0b0f9a8c5 591770 graphicsmagick_1.3.23-1ubuntu0.5_armhf.deb eaad3b3445572fc6b959634ef806137221e8027a65094f9dfb6f15fc4bca7914 1292 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb af16a7659387026df0de67ed3fcbba7ae87c1f317ece2711fe20e014bc5df305 49860 libgraphics-magick-perl_1.3.23-1ubuntu0.5_armhf.deb 0afaa4200270dc6242a230b43822e9455d73927af5883467298c2dd932db927c 1254 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 4dddaaf6cadb2ae7d48cc39a33dc2db7bd7e4e27423b38119b53ac6e44536366 87658 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_armhf.deb 82ca4376beea6ac6e30ef4a05feef11b9e0ad307c0801fc2c1622c21b634ee68 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb b79560e906ba4dbcd8c693c9fdb09b956dd5e7aa1a9fa03da692e3d69d44c2d7 251162 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_armhf.deb f539cee17ca3e0ceca640bcb42b81a1f9b6b8b4c2a6fcb84482edb5a073073fe 1250 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 5c9b197ac25d9c7e9169939e9f5df141676118fe42e398b15f1d043d729edfc4 1008152 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_armhf.deb eb08204ed6269a4fdd775cc47512f59599ba7c6309a427e4afdfd230410bfdec 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb ab1d3e7f9d5a5109bb051a00d51a7d1651296d305a932789d58f9c621e1b2109 1226230 libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_armhf.deb Files: bc21d3b206179cbcdd994aee27a8c359 3006346 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.5_armhf.deb 1dc67e7097934d5f91a2f4a395ecde73 1292 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 2ab0bdbea666ee5c1987942251b5e067 591770 graphics optional graphicsmagick_1.3.23-1ubuntu0.5_armhf.deb 6236655b571ef13416617bde0b8e6d51 1292 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 34f5867653f487f1fe988671f23407d4 49860 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.5_armhf.deb ce0db961810473944f60f74d29ae599d 1254 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb f002e383b4a0e8d7c20057ff1ae922d8 87658 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_armhf.deb 4d95bef206bf42b8075fb3631a452e7b 1266 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb eb502684ca1bd6390ed8cc98daf020f7 251162 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_armhf.deb f351e7970d8b4cfb9e6b5f93608b9713 1250 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 080fa863f7f17138283996e3d528517d 1008152 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_armhf.deb ff6440761e1d079ad22c8ec8b46420bf 1258 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_armhf.ddeb 54ea5d06adb6a9b6bd92b1c58c1aa5eb 1226230 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_armhf.deb Original-Maintainer: Laszlo Boszormenyi (GCS)