Format: 1.8 Date: Tue, 21 Jan 2020 14:15:33 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: powerpc Version: 1.3.23-1ubuntu0.5 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium . * SECURITY UPDATE: DoS in ReadWPGImage() - debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a PseudoClass type with valid colormapped indexes. - CVE-2017-16545 * SECURITY UPDATE: DoS (negative strncpy) in DrawImage() - debian/patches/CVE-2017-16547.patch: Fix pointer computation which leads to large strncpy size request and bad array index. - CVE-2017-16547 * SECURITY UPDATE: Heap-based buffer overflow in coders/wpg.c - debian/patches/CVE-2017-16669-1.patch: Do not call SyncImagePixels() when something fails. - debian/patches/CVE-2017-16669-2.patch: Wrong row count checking. - debian/patches/CVE-2017-16669-3.patch: Detect pending use of null indexes pointer due to programming error and report it. - debian/patches/CVE-2017-16669-4.patch: Fix crash which image fails to produce expected PseudoClass indexes. - debian/patches/CVE-2017-16669-5.patch: Check for InsertRow() return value. - debian/patches/CVE-2017-16669-6.patch: Check InsertRow() return value for all calls. - CVE-2017-16669 * SECURITY UPDATE: Heap-based buffer overflow in WritePNMImage() - debian/patches/CVE-2017-17498.patch: Fix buffer overflow when writing gray+alpha 1-bit/sample. - CVE-2017-17498 * SECURITY UPDATE: Heap-based buffer over-read in ReadRGBImage() - debian/patches/CVE-2017-17500.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17500 * SECURITY UPDATE: Heap-based buffer over-read in WriteOnePNGImage() - debian/patches/CVE-2017-17501.patch: Fix heap read overrun while testing pixels for opacity. - CVE-2017-17501 * SECURITY UPDATE: Heap-based buffer over-read in ReadCMYKImage() - debian/patches/CVE-2017-17502.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17502 * SECURITY UPDATE: Heap-based buffer over-read in ReadGRAYImage() - debian/patches/CVE-2017-17503.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17503 * SECURITY UPDATE: Heap-based buffer over-read in ReadOneJNGImage() - debian/patches/CVE-2017-17782.patch: Fix wrong offset into oFFs chunk which caused heap read overflow. - CVE-2017-17782 * SECURITY UPDATE: Buffer over-read in ReadPALMImage() - debian/patches/CVE-2017-17783.patch: Fix heap buffer overflow in Q8 build while initializing color palette. - CVE-2017-17783 Checksums-Sha1: 0841789096cc3654657cba31ba14bad3e12c38f6 3111898 graphicsmagick-dbg_1.3.23-1ubuntu0.5_powerpc.deb 28c4ebe2732416b55bcedcb7d60263ae399502d9 1290 graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 30673bc632dcf7df34d7783e1916a07df16bfb12 592208 graphicsmagick_1.3.23-1ubuntu0.5_powerpc.deb 750db09deca595292f0ef52ce99e04abfab58df9 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb a9703c412f25c318b86aab78da458e48fa4019f0 47090 libgraphics-magick-perl_1.3.23-1ubuntu0.5_powerpc.deb 39adf04cf9757a043a8d9b8a9be743fb8ac27bd4 1256 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb c094e6cb079481798c75c112f23d754bf1f3bc05 102688 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_powerpc.deb ad594c37cabb92bd723579f611697ca93928eb5e 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 24730e32dff5f8caad4c979239dd50b6d1662cb0 266026 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_powerpc.deb 6877a517869ab4207fd31958e31eea8f43354e55 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 79f4c0e3293b3d3a7c19b166ad4f67d19628024b 950486 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_powerpc.deb deefe4c0a5db19ab8f3ad6fe401851537746f600 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 40fcfeb9971f97bed1d3f0f2012b02d71178c55a 1222010 libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_powerpc.deb Checksums-Sha256: 98ce942e1b1d77abe155ba5d7b0820b8081d2d8b569cbe2a1b1a8400c3866c67 3111898 graphicsmagick-dbg_1.3.23-1ubuntu0.5_powerpc.deb 94b3fb67d2696ff3ba26a2b6e8b7736dc01da44e5cad66cf855ff30576892cca 1290 graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb b85eeec5de1930d32f69ea68896bdbaf65221bf48b4d76c99190f13965a4c4cd 592208 graphicsmagick_1.3.23-1ubuntu0.5_powerpc.deb 19ad9deec40cffc4cd3964ca8faba3b7cd1e11fb16306f694624170d3d451e0c 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb a1c62af12be4188036ac0b0b9b023630870df15da3186e2107ee5754e48635e9 47090 libgraphics-magick-perl_1.3.23-1ubuntu0.5_powerpc.deb 7f5e82c46a32b0d756a3c72ac8763e6572d2d9ba3d8a69eda838d054e6750913 1256 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 71f4001984aacad1857cec9c1be6afc5d86932cc903841aa34c81ba352cd6cb0 102688 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_powerpc.deb 2a812cc066f494d43b8d525b9831ce5aa7075d7925a6541bda75a1195a7a031c 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 8e1524cc4df621e3263aef49fd747f549a8d2eaf3fad1e01b9a489e542510082 266026 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_powerpc.deb c6b502679d2858828c55e04220d898f3560196c32187cd51556f87f3a5c46d6f 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb c14c86825dd5dd147e28d64b3a6e482a75688b9ce88c0552349e25a50d40685a 950486 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_powerpc.deb 3e8aac40b2f258d8ec8c0ef6030b1714b9b788998fe92691a4501825c620dbd2 1258 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 8bf299baab78a74756aa4d2ed1b1bc60b381486138decb3bcf09c13f8514b3ea 1222010 libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_powerpc.deb Files: a395d75c2179fe3793162b8e27fa42ae 3111898 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.5_powerpc.deb c2ed1019c6bc8699cab0e0ed69e148e5 1290 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb c8ceb8f08af2cf9bb633d89c67979096 592208 graphics optional graphicsmagick_1.3.23-1ubuntu0.5_powerpc.deb b9027a1aafd69752690d1574105f9fd3 1288 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb ddc1a3aef1c706844f7bcfc68208d51a 47090 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.5_powerpc.deb 69aeada2e177dbcf09568d13479030fb 1256 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 393b7a5318ec85222e701fe14d8b6cd7 102688 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_powerpc.deb 3bb62b523cfda3734be288460dc1a13e 1266 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb c205c90dba068b736ce67383dfbac75f 266026 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_powerpc.deb 7fcbfe752bafd6c9bc0ff7cd7a897f1b 1248 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb 340e60bae88cb1d720c5ad5b307eb619 950486 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_powerpc.deb d0d2bb3fa579d79623a2082b6bd65968 1258 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_powerpc.ddeb c2b9fd07a65681e8669d40965983eeb8 1222010 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_powerpc.deb Original-Maintainer: Laszlo Boszormenyi (GCS)