-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 11 Oct 2020 18:16:39 +0200
Source: graphicsmagick
Architecture: source
Version: 1.4+really1.3.35+hg16344-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
 graphicsmagick (1.4+really1.3.35+hg16344-1) unstable; urgency=high
 .
   * Mercurial snapshot, fixing the following security issues:
     - integer overflow in DrawImage(),
     - stack-overflow due to DrawImage() / DrawClipPath() recursion,
     - fix UBSAN integer overflow warning in MagickXVisualColormapSize(),
     - ExtractTokensBetweenPushPop(): verify that the expected/required pop statement is indeed found,
     - DrawImage(): handle the case that ExtractTokensBetweenPushPop() can return NULL,
     - ReadTIFFImage(): apply the same resource limits to TIFF tile sizes as apply to the image itself,
     - GetImageBoundingBox(): MagickTrimImage() with extreme fuzz can produce image with negative width,
     - ReadTIFFImage(): ignore corrupt whitepoint and primary chromaticities tags,
     - ResizeImage(): if CloneImage() of resize_image to source_image fails then free source_image allocation before returning in order to prevent memory leak,
     - CloneImage(): free clone_image allocation if ImgExtra allocation fails in order to prevent memory leak.
   * Remove unsafe quotes from mailcap entries.