Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted graphicsmagick 1.3.16-1.1+deb7u16 (source amd64 all) into oldoldstable
Date: Mon, 08 Jan 2018 12:40:29 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 08 Jan 2018 12:37:44 +0100
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.16-1.1+deb7u16
Distribution: wheezy-security
Urgency: high
Maintainer: Daniel Kobras <kobras@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description: 
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick++3 - format-independent image processing - C++ shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
 libgraphicsmagick3 - format-independent image processing - C shared library
Changes: 
 graphicsmagick (1.3.16-1.1+deb7u16) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2017-17498: A vulnerability in coders/pnm.c allows remote
     attackers to cause a denial of service or possibly have unspecified other
     impact via a crafted file.
   * Fix CVE-2017-17500: heap-based buffer over-read in coders/rgb.c via a
     crafted file
   * Fix CVE-2017-17501: heap-based buffer over-read in coders/png.c via a
     crafted file.
   * Fix CVE-2017-17502: heap-based buffer over-read in coders/cmyk.c via a
     crafted file.
   * Fix CVE-2017-17503: heap-based buffer over-read in coders/gray.c via a
     crafted file.
   * Fix CVE-2017-17782: heap-based buffer over-read in coders/png.c via a
     crafted file due to a read one byte beyond the oFFs chunk allocation size.
   * Fix CVE-2017-17912: heap-based buffer over-read in ReadNewsProfile in
     coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated
     region.
   * Fix CVE-2017-17915: heap-based buffer over-read in ReadMNGImage in
     coders/png.c, related to accessing one byte before testing whether a limit
     has been reached.
Checksums-Sha1: 
 291157b39ec79fedc5dd468dbc0e30a735e51214 2914 graphicsmagick_1.3.16-1.1+deb7u16.dsc
 49e65f002cbe08f9a25f724a320527237a139a55 176060 graphicsmagick_1.3.16-1.1+deb7u16.debian.tar.xz
 498046e0a7b566c98c4b103268bd8fe55dc2df90 1034228 graphicsmagick_1.3.16-1.1+deb7u16_amd64.deb
 df72d67a0f392d0aa735f0714cbc12388036a43f 1328276 libgraphicsmagick3_1.3.16-1.1+deb7u16_amd64.deb
 98b0978cd9f14a0cf4120edb81e61ea54bbd9bbf 1825286 libgraphicsmagick1-dev_1.3.16-1.1+deb7u16_amd64.deb
 67d16e3b1f74108c62385796ba46279a9247c02c 156444 libgraphicsmagick++3_1.3.16-1.1+deb7u16_amd64.deb
 a8f1e71c1f54695efca30cbb59e3ad179769130f 409786 libgraphicsmagick++1-dev_1.3.16-1.1+deb7u16_amd64.deb
 025a4c27ac56319b7e1413c0ac9c2ef8ec9b617f 85466 libgraphics-magick-perl_1.3.16-1.1+deb7u16_amd64.deb
 180eaf9aa32bf90847e157f2d1a897760d66a287 3272316 graphicsmagick-dbg_1.3.16-1.1+deb7u16_amd64.deb
 b327456d0b99fe6882bacd7a6443761cd4f17e6d 19600 graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u16_all.deb
 4df6254a3257667a32937feb2700d5ab6c35114a 22554 graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u16_all.deb
Checksums-Sha256: 
 4fdce37a4c985f0a82fd542639627a3b1463ec6547c5c7103eebd4c72a6fed4f 2914 graphicsmagick_1.3.16-1.1+deb7u16.dsc
 6b15e2d8ed8cda346e73450888434c4ebcabf517e7b20e75e45d02692a8c82d7 176060 graphicsmagick_1.3.16-1.1+deb7u16.debian.tar.xz
 ac6b8ee051ec812fee36c6155ae6826aed35c338ab836aec689dde9bfc4d78dc 1034228 graphicsmagick_1.3.16-1.1+deb7u16_amd64.deb
 a4e9f26bc59685fb4a71328adf89f80669bb3fcd56feb71d5c2a782fdbb47469 1328276 libgraphicsmagick3_1.3.16-1.1+deb7u16_amd64.deb
 510b33e5592fa6f65ac0c4683594845fbfc6943896fea0c048ba3a91ad3e57d2 1825286 libgraphicsmagick1-dev_1.3.16-1.1+deb7u16_amd64.deb
 6486840392ad8430f4c247a1e6a3d72bbd31bf63a5def247b667807ca84258b7 156444 libgraphicsmagick++3_1.3.16-1.1+deb7u16_amd64.deb
 7c1faac4bcb3c9316b3fb048b224505808adaf6c6083ebc0c8cc6b22d101f4e5 409786 libgraphicsmagick++1-dev_1.3.16-1.1+deb7u16_amd64.deb
 18fc2ad3f3fe2165064770e275f4ee4abf2b327a71bb48d0c6e5fc7e44cf3901 85466 libgraphics-magick-perl_1.3.16-1.1+deb7u16_amd64.deb
 dd1afbce1c78738d323fb128366be1fb5ad71794a1078695ffe61d439bea7d65 3272316 graphicsmagick-dbg_1.3.16-1.1+deb7u16_amd64.deb
 317f2f7bfe0766715cbcb88ccf8817738cc7931f3552f51fcd69f6cd09477a0c 19600 graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u16_all.deb
 6761b8507051ee007ab13bfe17ef11007c565412819ce7c46b1c7128c59f4a9e 22554 graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u16_all.deb
Files: 
 c1860cc427c7e855175e1d78072e495d 2914 graphics optional graphicsmagick_1.3.16-1.1+deb7u16.dsc
 b826177a020cd80acdb492af3ad725ee 176060 graphics optional graphicsmagick_1.3.16-1.1+deb7u16.debian.tar.xz
 94df0e006e5a2d281405d730f57b4098 1034228 graphics optional graphicsmagick_1.3.16-1.1+deb7u16_amd64.deb
 3cb90c5bb8c9dd1c7a6d963d208d4038 1328276 libs optional libgraphicsmagick3_1.3.16-1.1+deb7u16_amd64.deb
 be3797342f11f6037d5b61860ca07fce 1825286 libdevel optional libgraphicsmagick1-dev_1.3.16-1.1+deb7u16_amd64.deb
 16be9752bb233055c4a775eeea8152b5 156444 libs optional libgraphicsmagick++3_1.3.16-1.1+deb7u16_amd64.deb
 9cd27b2f3ca7e15ec54bebaeb3066264 409786 libdevel optional libgraphicsmagick++1-dev_1.3.16-1.1+deb7u16_amd64.deb
 450e2e488af1679fcbdd98259e7441c1 85466 perl optional libgraphics-magick-perl_1.3.16-1.1+deb7u16_amd64.deb
 8ea9518fb1b8886adbd90699f9bfc271 3272316 debug extra graphicsmagick-dbg_1.3.16-1.1+deb7u16_amd64.deb
 02c91f887fb945d6862a74bf3c129e70 19600 graphics extra graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u16_all.deb
 ed777c9a845a7ae5716893c18edcc823 22554 graphics extra graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u16_all.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpTYkBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkAa0P/0ZwIzj6Ig+K2iCmr9DtaAIwjss7Lwo6Ygmq
bNokwfxxUGgWBNg2hElNpLGny6LXbJIsPYP/tT/piAHF3Px9oJwTmi15ls9kxscD
VlYuGIClBtrevI5/de0IKGG/Z4+4PTnMN6TloqGnsvk2rnJezfGE/VrtxZccya4Z
q76xE73WOgTy8tcwCK/yBhiT0abcO9OQCNOvvWadAJYxMYnyKArCPEqVhbTy6Tlr
IJJ9VPFoPeMs5xbk0UMMXWdcpmV/cbnQrPq3URy/JmI4Sh/azc+P6krwwRo05MP5
j6kiXa2jfpbXzwJBDVRmZBFAtGybg1ed6/9CcrlXyzu0JwoNlcbSQq7h07vk41sg
ZGBQev5TLsghJo6CEiC/OG7yinHtCfn19dpVRaNBzw44WccVQlod2rJOfbRTaCWN
tUR1OkcSv1/SgnhbneNMWlKtjVwgAhYIF+4lWtBUOA5Nzj4DYnknMwW+mY73qe+z
0j68jXRxSnegP5mOsLBIKYXkfLhXks9GpSVr1/mxA3was04vttTUKms4zUaP3Pyl
+AYELhd502WhHr3rBckMP3V1eIpEWv7Q9G/3lObZGG3zO0yooAopxAHpKoJFQ+4T
m2Q1hXmxXuIdSNzrpbLYfA/kQlqlxBgRfHQwy5E5Iz2nXqZsKy8ov/pXjr4bGPt0
1fFJzguo
=jlfg
-----END PGP SIGNATURE-----
News for package graphicsmagick
