-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 05 Oct 2016 17:24:05 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.20-3+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org> Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick++3 - format-independent image processing - C++ shared library libgraphicsmagick1-dev - format-independent image processing - C development files libgraphicsmagick3 - format-independent image processing - C shared library Closes: 814732 825800 847055 Changes: graphicsmagick (1.3.20-3+deb8u2) jessie-security; urgency=high . * Fix CVE-2015-8808: denial of service (uninitialized memory access) via a crafted GIF file. * Fix CVE-2016-2317: segmentation violation when reading SVG files (closes: #814732). * Fix CVE-2016-2318: make SVG path and other primitive parsing more robust. * Fix CVE-2016-5240: endless loop problem caused by negative stroke-dasharray arguments. * Fix CVE-2016-3714: remove delegates support for Gnuplot files. * Fix CVE-2016-3715: remove undocumented "TMP" magick prefix. * Fix CVE-2016-5118: remove support for reading input from a shell command, or writing output to a shell command (closes: #825800). * Fix CVE-2016-7996: possible heap overflow of colormap in Q8 build. * Fix CVE-2016-7997: correctly flip image->blob and rotated_image->blob. * Fix CVE-2016-8682: stack-based buffer overflow in ReadSCTImage (sct.c). * Fix CVE-2016-8684: memory allocation failure in MagickMalloc (memory.c). * Fix CVE-2016-8683: memory allocation failure in ReadPCXImage (pcx.c). * Fix CVE-2016-7800: unsigned underflow leading to heap overflow when parsing 8BIM chunk. * Fix CVE-2016-9830: memory allocation failure in MagickRealloc (closes: #847055). * Add new MagickGetToken@Base symbol to libgraphicsmagick3. Checksums-Sha1: 3437b00286cf7f9ef7d3641879ed705bb2502af4 2770 graphicsmagick_1.3.20-3+deb8u2.dsc 73042eee48e17d074f68f6f70fc81b221481255a 5206616 graphicsmagick_1.3.20.orig.tar.xz 30297e3ee05442e830249fe19cfbfdb11356638a 165788 graphicsmagick_1.3.20-3+deb8u2.debian.tar.xz 501cfb2e182bf17fa89de46c2fcebb6b8433205d 788610 graphicsmagick_1.3.20-3+deb8u2_amd64.deb 3dd6fc6f4a7748eb02e6c98e1ddbaa75dc9e430f 1096642 libgraphicsmagick3_1.3.20-3+deb8u2_amd64.deb b87802aca76967bb1a6166af2fe72d2b06413d5a 1282514 libgraphicsmagick1-dev_1.3.20-3+deb8u2_amd64.deb 098480beda1ebf1655163a3a8e016cf6387ae369 115374 libgraphicsmagick++3_1.3.20-3+deb8u2_amd64.deb 868e434fc3a1b7efd573d302d4ad393cc5b51f2f 297568 libgraphicsmagick++1-dev_1.3.20-3+deb8u2_amd64.deb 7058af5c0dcb96eca1700e899cbef786d233d240 72902 libgraphics-magick-perl_1.3.20-3+deb8u2_amd64.deb 89661e59fd6dfc0ecad754e1ef094e5887c10c3b 2223630 graphicsmagick-dbg_1.3.20-3+deb8u2_amd64.deb b46e50c40c09719cef299acae03f8dddc4acf7b1 24960 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u2_all.deb 9b294f353a56a0cdf4a46ec4924724232acef03b 28420 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u2_all.deb Checksums-Sha256: b71f3ddae323822fc0cae74ba0988ee19ab1e58a2e690a903da7c04b5d0a1aee 2770 graphicsmagick_1.3.20-3+deb8u2.dsc 35fa21da4c1479e08da8351c5b1e363adaca803a0064cfc83084363adce387c9 5206616 graphicsmagick_1.3.20.orig.tar.xz d4d8f32a04dd0cdddae7182feba04a4e5dd48020b84cb0f1266afe678069238b 165788 graphicsmagick_1.3.20-3+deb8u2.debian.tar.xz 56ca4fd5f9246acdf892e7d5fd069a93c9938a792bc1160fad80a59334bc98a1 788610 graphicsmagick_1.3.20-3+deb8u2_amd64.deb f33737e2cd1367f52c5252dffcf6e5b88e7dbbafd053d60845ee4b580a597e88 1096642 libgraphicsmagick3_1.3.20-3+deb8u2_amd64.deb d7f0f6e1f8554a2ad030d0d225fadb20589fd2f66a97bb9d8b8e30c60854b3a2 1282514 libgraphicsmagick1-dev_1.3.20-3+deb8u2_amd64.deb 00d0b1c7bbbc5be756ea296bb94424f1160754025843c3dfc25b3dee8dd2478d 115374 libgraphicsmagick++3_1.3.20-3+deb8u2_amd64.deb 734bc412140ae371f4a56d0ac492afc05b037e499a47b0b4bcb01ddc68b4330f 297568 libgraphicsmagick++1-dev_1.3.20-3+deb8u2_amd64.deb 973d2a636fb5b0ac8de3a024b1cf276dfed0727726d6ffc24f9ad8c00c112ad9 72902 libgraphics-magick-perl_1.3.20-3+deb8u2_amd64.deb 85fcbe41b679b6b24938214bbd1f1bb06c99981237f05984509a29616d7bc1dd 2223630 graphicsmagick-dbg_1.3.20-3+deb8u2_amd64.deb d6aaf4d0dd0aadfeb1e7831503e6c5b19fbdc06582342e9c0721b6d05d9c94ee 24960 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u2_all.deb e01a3a51a12cb3e9a3e836ecb4e06f0844c41eab35024a07a1f23b75e3505f62 28420 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u2_all.deb Files: 613b1b3da30e548a6729d3815b0cff09 2770 graphics optional graphicsmagick_1.3.20-3+deb8u2.dsc 5bb456e3466026ada6f12cc53c9776dc 5206616 graphics optional graphicsmagick_1.3.20.orig.tar.xz ed25be6f611f4e507c1dde86908a73f7 165788 graphics optional graphicsmagick_1.3.20-3+deb8u2.debian.tar.xz c4e6882d5ae7a6cad6844d58fe27b1cf 788610 graphics optional graphicsmagick_1.3.20-3+deb8u2_amd64.deb 54afa64dc2972d959368a61772066614 1096642 libs optional libgraphicsmagick3_1.3.20-3+deb8u2_amd64.deb d9bf9bd195f657a47eaa042cc89a9702 1282514 libdevel optional libgraphicsmagick1-dev_1.3.20-3+deb8u2_amd64.deb 72aedbeb71c22971fc5832f8cd51805b 115374 libs optional libgraphicsmagick++3_1.3.20-3+deb8u2_amd64.deb 33a385b9a484c638e9ec83e0f0bc6089 297568 libdevel optional libgraphicsmagick++1-dev_1.3.20-3+deb8u2_amd64.deb ab8b42ffabb0f6c6b44acd8a13ba298d 72902 perl optional libgraphics-magick-perl_1.3.20-3+deb8u2_amd64.deb 9eac3c9fe43b6be21454285a255226ea 2223630 debug extra graphicsmagick-dbg_1.3.20-3+deb8u2_amd64.deb 5afe52174066661de3e665149ea4cbf8 24960 graphics extra graphicsmagick-imagemagick-compat_1.3.20-3+deb8u2_all.deb f99d69ace0747b010183b76f9c440781 28420 graphics extra graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYXuxBAAoJEG7C3vaP/jd0BqgP/j1+DL4jW7ckWO2inOCeF53y 3vBMqXzshGAPqLKTsTYX38RMbPrDVK82o2I1UiXAzJotGA2bpNRRlLOzhJ7qMRPS M5xHwzCqw3E6j4iiD12ELeq+ho01JEORW1iLNu4ppmNREz0WUKfcvYAc9bBToK7j f1jFoXN/s5eidLKRWcyXhLes1TUsRclu75OpKA7soPBOkWniqSys/vwz4ZAcyKUq ISqddD3U3tOge3E35Vn7BZoPu9rrvDctwSDzt+k8AFLnq97Dn+ts8ZOCI7LGmStW P2tObEXQX9d0yqQyQL65wx96M+VApXeEJf1PJ++KAUQyQj1DobjgNP4WE9jvFqQI edlTNbot7HsvAvy0e47MyCHnzhO9Plz19QnNoOONGzrn95hK34Qp4Fz/P/x4AT49 g8QoBkZ0XBnNcQIYajlb9ZDe1W4hI742oToUbRpQGufPme6QGYXrH9bxd2bb+sk/ veLGB6M57xy27/C8ketX3ePUNQYhODw+yD31SOerJmkLPtCvRUDOEMqtxP7aQ+nn 5sPqRUn6amWlB6IiYPik7TNmF9ZoyKqjSt1YvlIAjERv8WtfdJ7WFgMWZgWNDnCa EVLi9NVl32zLEMtQ13I5w6fPWlatQhUHG70ZxMtK6ISiU0bcikJk/qrVnNzk0W/a dQ8Yw0qkrR6/2/Cf3MKF =Pg3P -----END PGP SIGNATURE-----
