-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 24 Sep 2018 21:54:36 +0000
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.30+hg15796-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick-q16-3 - format-independent image processing - C shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
Changes:
 graphicsmagick (1.3.30+hg15796-1) unstable; urgency=high
 .
   * Mercurial snapshot, fixing the following security issues:
     - WEBP: Fix compiler warnings regarding uninitialized structure members,
     - ReadJPEGImage(): Allow libjpeg to use 1/5th of the total memory limit,
     - ReadJPEGImage(): Make sure that JPEG pixels array is initialized in
       case libjpeg fails to completely initialize it,
     - WriteOnePNGImage(): Free png_pixels as soon as possible,
     - ReadMIFFImage(): Detect EOF when reading using ReadBlobZC() and avoid
       subsequent heap read overflow,
     - ReadMVGImage(): Don't assume that in-memory MVG blob is a
       null-terminated C string,
     - ReadMVGImage(): Don't allow MVG files to side-load a file as the
       drawing primitive using '@' syntax,
     - FileToBlob(): Use confirm access APIs to verify that read access is
       allowed, and verify that file is a regular file,
     - ExtractTokensBetweenPushPop() needs to always return a valid pointer
       into the primitive string,
     - DrawPolygonPrimitive(): Fix leak of polygon set when object is
       completely outside image,
     - SetNexus(): For requests one pixel tall, SetNexus() was wrongly using
       pixels in-core rather than using a staging area for the case where
       the nexus rows extend beyond the image raster boundary,
     - ReadCINEONImage(): Quit immediately on EOF and detect short files,
     - ReadMVGImage(): Fix memory leak,
     - Add mechanism to approve embedded subformats in WPG,
     - ReadXBMImage(): Add validations for row and column dimensions,
     - MAT InsertComplexFloatRow(): Avoid signed overflow,
     - InsertComplexFloatRow(): Try not to lose the previous intention while
       avoiding signed overflow,
     - XBMInteger(): Limit the number of hex digits parsed to avoid signed
       integer overflow,
     - MAT: More aggressive data corruption checking,
     - MAT: Correctly check GetBlobSize(image) even for zipstreams inside
       blob,
     - MAT: Explicitly reject non-seekable streams,
     - DrawImage(): Add missing error-reporting logic to return immediately
       upon memory reallocation failure. Apply memory resource limits to
       PrimitiveInfo array allocation,
     - MagickAtoFChk(): Add additional validation checks for floating point
       values. NAN and +/- INFINITY values also map to 0.0,
     - ReadMPCImage()/ReadMIFFImage(): Insist that the format be identified
       prior to any comment, and that there is only one comment,
     - ConvertPrimitiveToPath(): Enlarge PathInfo array allocation to avoid
       possible heap write overflow,
     - WPG: Fix intentional 64 bit file offset overflow,
     - DrawImage(): Be more precise about error detection and reporting,
     - TranslateTextEx(): Fix off-by-one in loop bounds check which allowed
       a one-byte stack write overflow,
     - DrawImage(): Fix excessive memory consumption due to
       SetImageAttribute() appending values,
     - QuantumTransferMode(): CIE Log images with an alpha channel are not
       supported,
     - ConvertPrimitiveToPath(): Second attempt to prevent heap write
       overflow of PathInfo array,
     - ExtractTileJPG(): Enforce that JPEG tiles are read by the JPEG coder,
     - MIFF and MPC, need to avoid leaking value allocation (day-old bug),
     - ReadSFWImage(): Enforce that file is read using the JPEG reader,
     - FindEXIFAttribute()/GenerateEXIFAttribute(): Change size types from
       signed to unsigned and check for unsigned overflow,
     - GenerateEXIFAttribute(): Eliminate undefined shift,
     - TraceEllipse(): Detect arithmetic overflow when computing the number
       of points to allocate for an ellipse,
     - ReadMNGImage(): mng_LOOP chunk must be at least 5 bytes long,
     - ReadJPEGImage(): Apply a default limit of 100 progressive scans
       before the reader quits with an error.
   * Update library symbols for this release.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----