Format: 1.8 Date: Mon, 03 Feb 2020 16:47:01 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: armhf Version: 1.3.23-1ubuntu0.6 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.6) xenial-security; urgency=medium . * SECURITY UPDATE: Heap-based buffer over-read in ReadNewsProfile() - debian/patches/CVE-2017-17912.patch: ReadNewsProfile() was allowing reading heap data beyond the allocated size. - CVE-2017-17912 * SECURITY UPDATE: Stack-based buffer over-read in WriteWEBPImage() - debian/patches/CVE-2017-17913-1.patch: Add some assertions to verify that the image pointer provided by libwebp is valid. - debian/patches/CVE-2017-17913-2.patch: Fix stack overflow with libwebp 0.5.0+ by disabling progress indication. - CVE-2017-17913 * SECURITY UPDATE: Heap-based buffer over-read in ReadMNGImage() - debian/patches/CVE-2017-17915.patch: Check range limit before accessing byte to avoid minor heap read overflow. - CVE-2017-17915 * SECURITY UPDATE: Allocation failure in ReadOnePNGImage() - debian/patches/CVE-2017-18219.patch: check MemoryResource before attempting to allocate ping_pixels array. - CVE-2017-18219 * SECURITY UPDATE: Allocation failure in ReadTIFFImage() - debian/patches/CVE-2017-18229.patch: Rationalize scanline, strip, and tile memory allocation requests based on file size. - CVE-2017-18229 * SECURITY UPDATE: Null pointer dereference in ReadCINEONImage() - debian/patches/CVE-2017-18230.patch: Validate scandata allocation. - CVE-2017-18230 * SECURITY UPDATE: Null pointer dereference in ReadEnhMetaFile() - debian/patches/CVE-2017-18231.patch: Verify pBits memory allocation. - CVE-2017-18231 Checksums-Sha1: fe12c2e6ec3d257c102ad1fe899486547a0e3432 3006410 graphicsmagick-dbg_1.3.23-1ubuntu0.6_armhf.deb 5a0439b218135fd7789092d9ec0bb2a6a38d2517 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 36b38616a5bcde93717b688db4d850af7412eccd 592074 graphicsmagick_1.3.23-1ubuntu0.6_armhf.deb 49b3f29a6d4967e9e5c45f38c1cac0a6d0337492 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb d0000e9463a2d1264a4218030a137f62a2ac9e4d 49818 libgraphics-magick-perl_1.3.23-1ubuntu0.6_armhf.deb 87dc0a9391b34b0cf7ddefaf47f17b41404fc4eb 1256 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 0ce17db0681dc686da84428dba77201168e434a5 87668 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_armhf.deb 9d640f4f91a153cce74625ef59c5099901d82e89 1264 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 9ed963eb231729c35d40fe80990ffb25d656596b 252272 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_armhf.deb b84b3a9026405f7f32d46be123920909cd83e044 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 067f5a33cb60db9ab9737e3cdc445b169f9513fc 1008972 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_armhf.deb 436e5fc28929d19b65a3f2bbcaa36f5b8958162b 1256 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 7107ce9fcfc2378ca422e72495655d9716359960 1232770 libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_armhf.deb Checksums-Sha256: 0bb884bd91d32b0c57aec6ccaf8003a7593dcb6ab1d656f2908a9a000dd362f4 3006410 graphicsmagick-dbg_1.3.23-1ubuntu0.6_armhf.deb bba8a782bcab7cc42102a361984a8be26476bb9be3814b0fc3c8d4ea2f739f05 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 5734f67f0c609b832601854260335b6bbd3ea1643da1eb6f616b6d7bfc5a122d 592074 graphicsmagick_1.3.23-1ubuntu0.6_armhf.deb b30cb5e47feb645f08def65c28010ebbffefe895ccf2fcd9728aba2eb101b3c3 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 995a4573aaa3165fcad4529786a271adfb6212dc491dfc14f136106bdc99cecf 49818 libgraphics-magick-perl_1.3.23-1ubuntu0.6_armhf.deb 3ec66fc2990e58ae120c46133fe3c6eb17c0e45ea84f9388dafbbd8ca59aa828 1256 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 5e46548f0cdc71602013f784af91758c5f8f122f9305469cd8a6e1515815e9c2 87668 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_armhf.deb 4b00ba878ae4bb0771d059534079b5dd6bd50a78d6804eb6ebf63c7adf675b14 1264 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 8f659dc8da2c25443a51f53dfda4482e785367faca72a1a4c9273b269b108f55 252272 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_armhf.deb a91b50947a1db4833ceb9edbfb9c1050997c9eab9f445f7c80a8b235a7441b91 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb f02bca803b16da3c7695e75b85fd1221924b0507d617c4ca59f3cce76cf7cf85 1008972 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_armhf.deb dbee6b55d4ab45463424380cb91e3948a82767a1f39443db0fcd82dca841268c 1256 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 602b7fb2fe4f373fdbe24ed62cfad4831d0e2ddf0f4296f854f92aee02f06788 1232770 libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_armhf.deb Files: 68ee147dac9cb0b30c9d3bf24ccb962f 3006410 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.6_armhf.deb ede79b25a1ddeb69610cf4bbec29f1a8 1292 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb b9e5168487f5a096edb6efc0bf442821 592074 graphics optional graphicsmagick_1.3.23-1ubuntu0.6_armhf.deb e771feb58e936f2689e589dbd890c24b 1288 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 98ceeca60d35d71ca8ff7c133c37daed 49818 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.6_armhf.deb 0a4cfc8ebbc2bffb872f9ab279e7837c 1256 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb bae1198aae7c50a681777ec52f8ff194 87668 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.6_armhf.deb b250d1e25f4fc6bff925b1cdfa06d82e 1264 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 43ff1c3c1bce99c53b6ab15282f46811 252272 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.6_armhf.deb 57f1d33d86fa1127fe3a888255505645 1248 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 3d3dbd2e56ce2281af254b1f85b73965 1008972 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.6_armhf.deb 1ae2e43006b1747b8dd175237db220e2 1256 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.6_armhf.ddeb 983b09ca9a5e8e011b451d1a03cb9952 1232770 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.6_armhf.deb Original-Maintainer: Laszlo Boszormenyi (GCS)