Accepted graphicsmagick 1.1.7-13 (source)

Ubuntu Installer archive at ubuntu.com
Wed Mar 14 10:03:44 GMT 2007 

Accepted:
 OK: graphicsmagick_1.1.7-13.dsc
     -> Component: universe Section: graphics
 OK: graphicsmagick_1.1.7-13.diff.gz

Origin: Debian/unstable
Format: 1.7
Date: Wed,  14 Mar 2007 09:55:42 +0000
Source: graphicsmagick
Binary: graphicsmagick-imagemagick-compat, libgraphicsmagick++1, graphicsmagick-libmagick-dev-compat, libgraphics-magick-perl, libgraphicsmagick1-dev, libgraphicsmagick++1-dev, graphicsmagick, libgraphicsmagick1, graphicsmagick-dbg
Architecture: source
Version: 1.1.7-13
Distribution: feisty
Urgency: high
Maintainer: Daniel Kobras <kobras at debian.org>
Changed-By: Michael Bienia <michael at vorlon.ping.de>
Description: 
 graphicsmagick - collection of image processing tools
Closes: 390501 407464 413031 413032 413034 413035 413036 413037 413038 413039 413040 414057 414058 414059
Changes: 
 graphicsmagick (1.1.7-13) unstable; urgency=high
 .
   * The following problems were found thanks to numerous testcases provided
     by Sami Liedes:
     + coders/pcx.c: Fix heap overflow vulnerability of scanline array
       with user-supplied input. Closes: #413034
       Also adds error checks and caps maximum number of colours to prevent
       segfaults with further testcases. Closes: #414058
     + coders/pict.c: Fix integer overflow to prevent overflowing a
       heap buffer with user-supplied input. Closes: #413036
       Validate header information to prevent segfaults with further
       testcases. Closes: #414059
     + coders/xwd.c: Check image data more strictly before passing it on to
       XGetPixel() to circumvent buffer overflow in libX11. Closes: #413040
     + Fix various segfaults with corrupt image data due to insufficient
       validation of return values from SeekBlob(). None of these are
       currently known to allow code injection.
       - coders/bmp.c: Add error checks to SeekBlob() calls. Closes: #413031
       - coders/cineon.c: Likewise. Closes: #413038
       - coders/icon.c: Likewise. Closes: #413032
                        Extend validation checks to prevent segfaults with
                        further testcases. Closes: #414057
       - magick/blob.c: Increase robustness of function ReadBlobStream() to
         mitigate the impact of missing error checks on SeekBlob() calls.
     + coders/png.c: Fix NULL pointer dereference due to insufficient
       validation of image data. Closes: #413035
     + coders/pnm.c: Fix segfault on out-of-bounds read access due to
       insufficient validation of image data. Closes: #413037
     + coders/sun.c: Fix segfaults on out-of-bounds read access due to
       insufficient validation of image data. Closes: #413039
   * utilities/miff.4: Trim name section of man page, and move overlong
     line to description. Closes: #390501
   * debian/graphicsmagick.menu: Show logo on startup from menu, rather
     than quitting immediately. Thanks Justin B. Rye. Closes: #407464
Files: 
 62c16dd1a966cc3703d939e5e631e578 1089 graphics optional graphicsmagick_1.1.7-13.dsc
 34b11738f6ec597cefd284aa17e56728 47181 graphics optional graphicsmagick_1.1.7-13.diff.gz

More information about the feisty-changes mailing list