-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 20 Jan 2018 20:19:29 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.28-1 Distribution: unstable Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org> Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.28-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - BMP: Fix non-terminal loop due to unexpected bit-field mask value (DOS opportunity), - PALM: Fix heap buffer underflow in builds with QuantumDepth=8, - SetNexus() Fix heap overwrite under certain conditions due to using a wrong destination buffer, - TIFF: Fix heap buffer read overflow in LocaleNCompare() when parsing NEWS profile. * Remove previously backported security patches. Checksums-Sha1: 2f94f580b3f894209c63c9aa25ea010fa0c1d37c 2797 graphicsmagick_1.3.28-1.dsc f72a8f3f6de27990612ee3e713b2fece1ad898ac 5416660 graphicsmagick_1.3.28.orig.tar.xz 383400f121bc2e431eadda77a99662d9041bdaf7 140144 graphicsmagick_1.3.28-1.debian.tar.xz 2e0ca1932a3892272dc9a10c865a8f6736febb39 3183404 graphicsmagick-dbg_1.3.28-1_amd64.deb 5edff0583f4574c82599dcb08777bfaccd44f67e 21736 graphicsmagick-imagemagick-compat_1.3.28-1_all.deb be5a72304e81e7d14ca876caa6722ebb27f708d3 25168 graphicsmagick-libmagick-dev-compat_1.3.28-1_all.deb dd22d66fcec395fa047e6e3305e2fc0d189c4c13 11434 graphicsmagick_1.3.28-1_amd64.buildinfo 7297b2163bdb3c2f68f27747dc76674eb2db8fc1 874640 graphicsmagick_1.3.28-1_amd64.deb c5efb9a92c0419950ec05aa518b50f8e64b04bcf 68424 libgraphics-magick-perl_1.3.28-1_amd64.deb b12b685a6f9633e8c78b2d68ccb5a70fdb82f159 116172 libgraphicsmagick++-q16-12_1.3.28-1_amd64.deb 4448732c0860e6329b99d1a8c11dcc3c3354346a 300700 libgraphicsmagick++1-dev_1.3.28-1_amd64.deb a285ca88e597566ceeac25b1ff9136153c087783 1116048 libgraphicsmagick-q16-3_1.3.28-1_amd64.deb c5047d5b88dac21eb36ea5e729c74fbe8f252ff9 1340680 libgraphicsmagick1-dev_1.3.28-1_amd64.deb Checksums-Sha256: 35420bb9643081d138d09fbb9a164868d3b5e8e70065f9e9b9d7493afb86a15d 2797 graphicsmagick_1.3.28-1.dsc 942a68a9a8a5af6f682b896fd4f0ad617d8b49907e474acfe59549956bcc994a 5416660 graphicsmagick_1.3.28.orig.tar.xz 0288c641e46d393b548520488e0c64a71fe34a490cd60be7c57870249394758f 140144 graphicsmagick_1.3.28-1.debian.tar.xz 2767126901ce9a4ba5bd280f28aee0b43488808f7443b4d9bb6adf60e7ea3f38 3183404 graphicsmagick-dbg_1.3.28-1_amd64.deb c77fefc24c87044540e0a503e2fc36ac1987b32d4773ee8571b2807a78e30abb 21736 graphicsmagick-imagemagick-compat_1.3.28-1_all.deb dc0d2f1c23a5c423df1b69e19823362bdf3728a41a061d98a3f225a2c540b203 25168 graphicsmagick-libmagick-dev-compat_1.3.28-1_all.deb 3f658568deb79e47c53add27a2add9ca8048d72163ef7162ff683897c86eb273 11434 graphicsmagick_1.3.28-1_amd64.buildinfo 8fee0592afff55a86fa9aa75e08daa4304dbf0a9072a09042709fdde1025b6e4 874640 graphicsmagick_1.3.28-1_amd64.deb dae865da9f39538543007474274e23aae81b884ea4f34e8e1cc342e66a39cae2 68424 libgraphics-magick-perl_1.3.28-1_amd64.deb a2bbee483e2f6c51dd468fbb9edf1732e082a8896cffc2028bc12a44dcdc0f3e 116172 libgraphicsmagick++-q16-12_1.3.28-1_amd64.deb c51a1c22c371648c4afc94f5e6ed242c08a2cf6a1e166e89e97bcda5b6ed9d74 300700 libgraphicsmagick++1-dev_1.3.28-1_amd64.deb d78cb017a28f54c608ed45efa5ed42bedcfa623d20ce3629e2ee61c6fd37e239 1116048 libgraphicsmagick-q16-3_1.3.28-1_amd64.deb 593b55b1d2227aaba186ef91369ce016da8d15f33c68c76a8dfc142e3c3850b2 1340680 libgraphicsmagick1-dev_1.3.28-1_amd64.deb Files: 2bbe8fd87173c7f68e95df5ead53e4e4 2797 graphics optional graphicsmagick_1.3.28-1.dsc aec23df5ad1a5bf8f8e1b392f95eed55 5416660 graphics optional graphicsmagick_1.3.28.orig.tar.xz c059c1a55e39b715fb48dc2a18cc8c17 140144 graphics optional graphicsmagick_1.3.28-1.debian.tar.xz fbf0e5827325c8e79b2f16e86576fb74 3183404 debug optional graphicsmagick-dbg_1.3.28-1_amd64.deb 69c007d04f1313f81e8c251310e40a83 21736 graphics optional graphicsmagick-imagemagick-compat_1.3.28-1_all.deb 8bc0cf39cf831c83ff14e419eda71bea 25168 graphics optional graphicsmagick-libmagick-dev-compat_1.3.28-1_all.deb 9757425b3ca1cd7f1b09706aeba0287e 11434 graphics optional graphicsmagick_1.3.28-1_amd64.buildinfo 0c249e4fd9d50018c91fe4165d9a75ea 874640 graphics optional graphicsmagick_1.3.28-1_amd64.deb ee7cc2fd29bf492993d8e4846b2cdbd2 68424 perl optional libgraphics-magick-perl_1.3.28-1_amd64.deb 433ee1e7c2cbd80a5af42018296cd260 116172 libs optional libgraphicsmagick++-q16-12_1.3.28-1_amd64.deb 3668c292580fff47207448484255d0f8 300700 libdevel optional libgraphicsmagick++1-dev_1.3.28-1_amd64.deb a5cfe3866e03faa3c47d87ff671d5c25 1116048 libs optional libgraphicsmagick-q16-3_1.3.28-1_amd64.deb ff7785c9e0dc0ea38c9efd3575f9c081 1340680 libdevel optional libgraphicsmagick1-dev_1.3.28-1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlpjrKUACgkQ3OMQ54ZM yL9XzA/8CGXYj8rlHipPY936oo+CLPirVCsRVHpL8+6RHHuKRi2rpYJBcLuOGUpZ /K0av0c3eqEV9CTgjp3k0SCGGzb4P6QaOJrWtVy+LBE0aRiSnPFmwgzCX3atz0S7 gmTwt4hDRgDxxi0KjVLUK/xDZaf8okn5EdCUSH1+4KHs6UuA6TB1m6kDxGo2txZ2 YfL1NCEN+inYy4fHfhhAcgD1BaX8Us1JDmU+AsjOlwpII2Ej5r42n7wdgBvo0bWI m3F+CfiB3otsbH2h/v17HVdmdOY5n/+eZKdlOyRfjeOz6MZuOhq32Pc7K8yWA+ZD /8cmDCcmUKHfAeQeAVprud0cQtICqNzZExY5N3hvme6uTsqaKXeZ1tNHqftCUVvw WT2SWCmyXbxszPFsp36ENJwwcO5fdCTvrTWQZcpGdswc6OgaBjwuPkYobdm5ORcs kld+nLgyarK1GTC+YjEP6VkziGsxoW5sPIiyltaUHjTvfV7x80vE8gv9jU+WsQRm BZC8CN6YZWQ+HlkzvHK4y36BRuyvD3EgC/PYAhfg234tIo+RzjAOzl8JPTmucPtC /+Fio1mKlenBwcwaxUP8E3Wtf3nIRwGMYud05JB0UxQ49VITGmAZPtbgscJAq8t9 3TV9TFOp91WrDIX+KCvXEtWrqg/KgONncqvJ6lXiGPRvF29GqV8= =KJfB -----END PGP SIGNATURE-----