-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 30 Jul 2017 18:47:55 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.26-4 Distribution: unstable Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org> Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Closes: 870149 870153 870154 870155 870156 870157 870158 Changes: graphicsmagick (1.3.26-4) unstable; urgency=high . * Fix CVE-2017-11643: heap overflow in the WriteCMYKImage() function (closes: #870157). * Fix CVE-2017-11636: heap overflow in the WriteRGBImage() function (closes: #870149). * Fix CVE-2017-11638 and CVE-2017-11642: null pointer dereference or SEGV if input is not colormapped (closes: #870154, #870156). * Fix CVE-2017-11641: memory leak while writing Magick Persistent Cache format (closes: #870155). * Fix CVE-2017-11637: NULL pointer dereference in the WritePCLImage() function (closes: #870153). * Fix CVE-2017-11722: denial of service via a crafted file (closes: #870158). * Remove autotools-dev and dh-autoreconf build dependencies. Checksums-Sha1: 12e0f95b125eae52b333c32e664dd9e8dc52218c 2774 graphicsmagick_1.3.26-4.dsc 3726682e10dc66b9ad2500325bd4f5ba26273978 146100 graphicsmagick_1.3.26-4.debian.tar.xz 03c317e36a0eb1a85cdc66bf3cb7fafe840300fc 3174116 graphicsmagick-dbg_1.3.26-4_amd64.deb a892530e1388be13d210f95fdb929a0ceadefa30 23074 graphicsmagick-imagemagick-compat_1.3.26-4_all.deb f15eff5b82863ade94a99baa2a318e2426c83c3d 26512 graphicsmagick-libmagick-dev-compat_1.3.26-4_all.deb d8e16c9f2c853900872093238871802daed0675a 11432 graphicsmagick_1.3.26-4_amd64.buildinfo 00b8817973e63c337a976142c04614feaae9acab 864292 graphicsmagick_1.3.26-4_amd64.deb 206fc93bf28410553bb82c695ccd82aa69a5ae1c 70034 libgraphics-magick-perl_1.3.26-4_amd64.deb f53ab3a21c129f864ab17b6440a194ee0968dde4 117526 libgraphicsmagick++-q16-12_1.3.26-4_amd64.deb 8d79e892c40d0f0ab4d66acc55f9bd4d04e963bf 302300 libgraphicsmagick++1-dev_1.3.26-4_amd64.deb 0d4e0e577100b275e7bcc7ee3e3cb3bdc08ce647 1112214 libgraphicsmagick-q16-3_1.3.26-4_amd64.deb 514c8fd92ba327e628462d9a4e2cf935ea0d36ec 1334842 libgraphicsmagick1-dev_1.3.26-4_amd64.deb Checksums-Sha256: c62cd077bd3e39fbc964bea3b46fa5b4ccf0468545c0a115a8f596651f375c14 2774 graphicsmagick_1.3.26-4.dsc 6645c18f68a27053bdb8bce2f147320541c085e15ae0e147828a648d2e30c18e 146100 graphicsmagick_1.3.26-4.debian.tar.xz c5af28a0721c4f26fbb23c1e127d888ce7e58ee6b8bbf111a15ca97b80bf8093 3174116 graphicsmagick-dbg_1.3.26-4_amd64.deb 07d273efe9e4a381af7641ebd6d9a2342444b3dde1fe87e0d03599cfbff4e818 23074 graphicsmagick-imagemagick-compat_1.3.26-4_all.deb 07e70a7c941f56336a075aa111a55e378b16955823aca2d96842596fb12feecb 26512 graphicsmagick-libmagick-dev-compat_1.3.26-4_all.deb be5aa5e91debeceae2a77409043be70686285e245ee477ee3dc43493b420e997 11432 graphicsmagick_1.3.26-4_amd64.buildinfo bfc1ee0365f195e20d4d108d390dfad8d5ee5e77ff93dca1923fcccf13c01cf9 864292 graphicsmagick_1.3.26-4_amd64.deb c252e0cb6a4b421e8bf9661462969ad34fec32201be91d2cd6e4160780236535 70034 libgraphics-magick-perl_1.3.26-4_amd64.deb e4dab6dd7a606d33d9349306cf13092afe8b5eabee0a6f96473ba71f0d02a57c 117526 libgraphicsmagick++-q16-12_1.3.26-4_amd64.deb f0ebd80d7836bbb7f00eb2e44e71d8e809c489180166076475d48c83633bc32f 302300 libgraphicsmagick++1-dev_1.3.26-4_amd64.deb 4c8c4ec4c415ad69e0ccdd87cd151abbf88538f8d59b4f230a63eaa615a01020 1112214 libgraphicsmagick-q16-3_1.3.26-4_amd64.deb 72ebfdd8358a1b2ff0df7949bf3a18b8857b41ba22775ed23884b6ffa9e1c166 1334842 libgraphicsmagick1-dev_1.3.26-4_amd64.deb Files: 5dac87409dedd003328fc4fb1925e10d 2774 graphics optional graphicsmagick_1.3.26-4.dsc 4421b266e5a9932a93c16c38dec3c96d 146100 graphics optional graphicsmagick_1.3.26-4.debian.tar.xz df1c42b55a600b604868ba42ac6f322b 3174116 debug extra graphicsmagick-dbg_1.3.26-4_amd64.deb 4e418ea3fc373ac9c9f6ce4b5e7151c1 23074 graphics extra graphicsmagick-imagemagick-compat_1.3.26-4_all.deb 18bfb5fa56d5810dc2fa561fff581234 26512 graphics extra graphicsmagick-libmagick-dev-compat_1.3.26-4_all.deb a5d1061fbee9c1d68bd8c2ac47f7b32d 11432 graphics optional graphicsmagick_1.3.26-4_amd64.buildinfo 1496eacdf31e9362b70792e5990e7ece 864292 graphics optional graphicsmagick_1.3.26-4_amd64.deb f77f01aab175d563fd13e6f01e2e30d8 70034 perl optional libgraphics-magick-perl_1.3.26-4_amd64.deb d0b18c9529afa2840ad489dca8514da6 117526 libs optional libgraphicsmagick++-q16-12_1.3.26-4_amd64.deb 7891e1a8d370a56970a13e3565a90d68 302300 libdevel optional libgraphicsmagick++1-dev_1.3.26-4_amd64.deb 2755e409c5da7b88894cfc8a4d97a7b5 1112214 libs optional libgraphicsmagick-q16-3_1.3.26-4_amd64.deb 127b354307dbe71c7f214d5b12ff2605 1334842 libdevel optional libgraphicsmagick1-dev_1.3.26-4_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAll+Rl0ACgkQ3OMQ54ZM yL/QXA//Z7NajGCqQg1njS7lXpTm5Y4U+AfOpzI+6WhxuTKjcp89rrmpN/ZLJdt8 ksiPHHPseEJVRlqv6YwTlzXPz08ZRRDwz0GRHRQudze2bvPI9wwAKgzAlX84LUx6 4eyM9oK1f6QwpyFiXz81cybT4sHrzbA2BEAld2bgG9/j8xKak6yVOCana/1rtOiG EPPLqg5+TNd2dp7gWFkS3FDnTqugHzTIjdsxSe0BeGZrL/czSWhxDK5kBHAgLPOS UaZ3/fSDcjZDOMDKY6vB9dZxtwtH9Qz/j07CJWZAifo9TkfwGibIDRrZrrPcgNMb UNHBWC/dxgT/LmVp7ZvPUDjbIB7gAu3xaq3aIlzbRdw7JIrRjxQp2kFsvRGI5icG bk/HyU/R2DcScJF9wYcRTxlJVtC2TyNnb6IaM2Y2fIKjnVGyv//pFDhvaJ0xaDdp T3HmbFPN3/8JK+01L3UsQG1rd2nNvjAI4R9rGA2lFSvbKi4ZTWUnKLTzcBbGzh9o 82H8yOU+OQykTJp1i5z2w3m7sT1EODnNTugyWsvlgW4YVAno4pTozA6tQE57VGlH dFa53drROTxmqaFmpk1+nNz0quEvuSQqpz7w/YT9B/wxseTF4Jg+d1WFpPdElhba 5XiRTp1s8e2yrYhrdJKUwmngzBi/qMkYFkrW8VmJ4u085ZOtjE0= =QBaD -----END PGP SIGNATURE-----