Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted graphicsmagick 1.4+really1.3.36-1 (source) into unstable
Date: Sun, 27 Dec 2020 08:15:28 +0000
Signed by: Laszlo Boszormenyi <gcs@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 27 Dec 2020 07:44:36 +0100
Source: graphicsmagick
Architecture: source
Version: 1.4+really1.3.36-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
 graphicsmagick (1.4+really1.3.36-1) unstable; urgency=high
 .
   * New upstream release, fixing the following security issues:
     - update almost all of the remaining coders to use the resource-limited
       memory allocator,
     - ReadMPCImage(): heap-buffer-overflow read,
     - EdgeImage(): fix null pointer dereference if edge image failed to be
       created,
     - CompareImageCommand() and CompositeImageCommand(): fix memory leaks when
       an input image failed to be read,
     - fix several null pointer dereference if an image failed to be created,
     - Classify(): remove variables from function global scope that don't need
       outer scope,
     - ReadMIFFImage() and ReadMPCImage(): arbitrarily limit the number of
       header keywords to avoid DOS attempts.
Checksums-Sha1:
 71b815b5c7ee82963f0217e415f8997daf4e7974 2896 graphicsmagick_1.4+really1.3.36-1.dsc
 df45052bf485407ad4fb7d3b9b305d3e5ebb14e5 5600712 graphicsmagick_1.4+really1.3.36.orig.tar.xz
 a0ff9783dd856056e28a999773fb29e83f1091e7 147276 graphicsmagick_1.4+really1.3.36-1.debian.tar.xz
Checksums-Sha256:
 f6efb0de8d246c64eef00d6684854bb3a3c683795ad5cce2cd5022fa9c19f5fc 2896 graphicsmagick_1.4+really1.3.36-1.dsc
 5d5b3fde759cdfc307aaf21df9ebd8c752e3f088bb051dd5df8aac7ba7338f46 5600712 graphicsmagick_1.4+really1.3.36.orig.tar.xz
 8d3d4043a6ce0404f667d5cb3d530957f380739e964fda4e5085057b459ba93c 147276 graphicsmagick_1.4+really1.3.36-1.debian.tar.xz
Files:
 bf47297af0e2e0030b6cc0e06e762189 2896 graphics optional graphicsmagick_1.4+really1.3.36-1.dsc
 3e936b42fd46fb460016f91c1a239e33 5600712 graphics optional graphicsmagick_1.4+really1.3.36.orig.tar.xz
 b154dfdb1fdc09006fa14a01ace3654e 147276 graphics optional graphicsmagick_1.4+really1.3.36-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl/oOqcACgkQ3OMQ54ZM
yL83pw/+JnBTBXpqf8WQMuGHJpe+HUgx/CJSxZAdDdTVgNpFqDNjZabutVSKWxlH
yTEQ75dNti66+DHJTZ3RX/l84s5A/4OIE+Z89Z1BdJIiF8fGLUsZ/UaK4FkgNgvo
l9N1pftqXQs4+5fr6sYgnwKGAq4NMoBQrLvuqVx4W9RAcz0qDrdqGOJ/OGDGMcXb
1uEt53Fun/oi2k2NgVA9VynVQiVx7qQir+LQy3H+0XIMj3YwQjind8LXGxbitXMO
Vox0KLjq29NozmUW0Cn/yVTkRl/pczD9lDvafjkbmBjtBGaibWyvwB9U15fL+rHT
BY0hUAFOHdv+2slBiNls3fxReJDe187BmxGItxw1RQaomvIIlqoMc6GvHCgHXBx5
glKdK6+NV6sDbiSnLep4wveid39U/XsINfGPvATbK7kbsZ9wRpX9lpmmV3aBrTOr
kS2vOcPvf9TcZS7IG+F5e+FvEPYr2QG6Nb/M9ccb1TT9wUyXxRvoIpuTjHMnscTp
ddye+BiIhxVq/SRZ8QlZpvzJkCJR6TcPyrmSqOtfz1qT3TjaIejh/TRR9nTbq81G
ei6kVC05JqpDY4mA5L1uJ164xS+cp5kyGtHqFKqW2IcafqfkcsyRu5gYw7OBYwAL
7QA36sy9C7PbkfO7+gDB7kTCQWPVo7XB8q6oTiPB6PScW2+7QmE=
=vvek
-----END PGP SIGNATURE-----

News for package graphicsmagick