Debian Package Tracker
Register | Log in
Subscribe

freeimage

Choose email to subscribe with

general
  • source: freeimage (main)
  • version: 3.18.0+ds2-6
  • maintainer: Debian Science Maintainers (archive) (DMD)
  • uploaders: Ghislain Antony Vaillant [DMD] – Anton Gladky [DMD]
  • arch: all any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.15.4-4.2+deb8u1
  • o-o-sec: 3.15.4-4.2+deb8u2
  • oldstable: 3.17.0+ds1-5+deb9u1
  • old-sec: 3.17.0+ds1-5+deb9u1
  • stable: 3.18.0+ds2-1+deb10u1
  • stable-sec: 3.18.0+ds2-1+deb10u1
  • testing: 3.18.0+ds2-6
  • unstable: 3.18.0+ds2-6
versioned links
  • 3.15.4-4.2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.15.4-4.2+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.17.0+ds1-5+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.18.0+ds2-1+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.18.0+ds2-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libfreeimage-dev
  • libfreeimage3 (1 bugs: 0, 1, 0, 0)
  • libfreeimageplus-dev
  • libfreeimageplus-doc
  • libfreeimageplus3
action needed
2 security issues in sid high
There are 2 open security issues in sid.
2 important issues:
  • CVE-2019-12212: When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
  • CVE-2019-12214: In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
Please fix them.
Created: 2019-05-20 Last update: 2021-01-11 00:05
Multiarch hinter reports 3 issue(s) normal
There are issues with the multiarch metadata for this package.
  • libfreeimageplus-doc could be marked Multi-Arch: foreign
  • libfreeimage-dev could be marked Multi-Arch: same
  • libfreeimageplus-dev could be marked Multi-Arch: same
Created: 2016-09-14 Last update: 2021-01-20 21:47
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2020-07-29 Last update: 2020-08-22 06:03
2 ignored security issues in stretch low
There are 2 open security issues in stretch.
2 issues skipped by the security teams:
  • CVE-2019-12212: When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
  • CVE-2019-12214: In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
Please fix them.
Created: 2019-05-20 Last update: 2021-01-11 00:05
2 ignored security issues in buster low
There are 2 open security issues in buster.
2 issues skipped by the security teams:
  • CVE-2019-12212: When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
  • CVE-2019-12214: In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
Please fix them.
Created: 2019-05-20 Last update: 2021-01-11 00:05
2 ignored security issues in bullseye low
There are 2 open security issues in bullseye.
2 issues skipped by the security teams:
  • CVE-2019-12212: When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
  • CVE-2019-12214: In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
Please fix them.
Created: 2019-07-07 Last update: 2021-01-11 00:05
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2020-08-19 Last update: 2020-08-19 16:33
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-11-17 05:41
news
[rss feed]
  • [2020-08-30] freeimage 3.18.0+ds2-6 MIGRATED to testing (Debian testing watch)
  • [2020-08-30] freeimage 3.18.0+ds2-6 MIGRATED to testing (Debian testing watch)
  • [2020-08-27] Accepted freeimage 3.18.0+ds2-6 (source) into unstable (Anton Gladky)
  • [2020-07-19] freeimage 3.18.0+ds2-5 MIGRATED to testing (Debian testing watch)
  • [2020-07-16] Accepted freeimage 3.18.0+ds2-5 (source) into unstable (Anton Gladky)
  • [2020-07-15] Accepted freeimage 3.18.0+ds2-4 (source) into unstable (Anton Gladky)
  • [2020-01-03] freeimage 3.18.0+ds2-3 MIGRATED to testing (Debian testing watch)
  • [2020-01-01] Accepted freeimage 3.18.0+ds2-3 (source) into unstable (Anton Gladky)
  • [2019-12-29] Accepted freeimage 3.17.0+ds1-5+deb9u1 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Hugo Lefeuvre)
  • [2019-12-29] Accepted freeimage 3.18.0+ds2-1+deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Hugo Lefeuvre)
  • [2019-12-27] Accepted freeimage 3.18.0+ds2-1+deb10u1 (source amd64 all) into stable->embargoed, stable (Hugo Lefeuvre)
  • [2019-12-27] Accepted freeimage 3.17.0+ds1-5+deb9u1 (source amd64 all) into oldstable->embargoed, oldstable (Hugo Lefeuvre)
  • [2019-12-10] Accepted freeimage 3.15.4-4.2+deb8u2 (source amd64) into oldoldstable (Hugo Lefeuvre)
  • [2019-01-08] freeimage 3.18.0+ds2-1 MIGRATED to testing (Debian testing watch)
  • [2019-01-05] Accepted freeimage 3.18.0+ds2-1 (source) into unstable (Anton Gladky)
  • [2019-01-05] Accepted freeimage 3.18.0+ds2-1~exp1 (source) into experimental (Anton Gladky)
  • [2017-01-23] freeimage 3.17.0+ds1-5 MIGRATED to testing (Debian testing watch)
  • [2017-01-12] Accepted freeimage 3.17.0+ds1-5 (source) into unstable (Anton Gladky)
  • [2016-12-24] freeimage 3.17.0+ds1-4 MIGRATED to testing (Debian testing watch)
  • [2016-12-13] Accepted freeimage 3.17.0+ds1-4 (source) into unstable (Ghislain Antony Vaillant) (signed by: Anton Gladky)
  • [2016-10-14] Accepted freeimage 3.15.4-4.2+deb8u1 (source) into proposed-updates->stable-new, proposed-updates (Anton Gladky)
  • [2016-10-12] freeimage 3.17.0+ds1-3 MIGRATED to testing (Debian testing watch)
  • [2016-10-11] Accepted freeimage 3.17.0+ds1-3 (source) into unstable (Ghislain Antony Vaillant) (signed by: Anton Gladky)
  • [2016-10-06] Accepted freeimage 3.15.1-1.1+deb7u1 (source amd64) into oldstable (Chris Lamb)
  • [2016-03-11] freeimage 3.17.0+ds1-2 MIGRATED to testing (Debian testing watch)
  • [2016-03-05] Accepted freeimage 3.17.0+ds1-2 (source amd64 all) into unstable (Ghislain Antony Vaillant) (signed by: Micha Lenk)
  • [2016-02-02] freeimage 3.17.0+ds1-1.1 MIGRATED to testing (Debian testing watch)
  • [2016-01-27] Accepted freeimage 3.17.0+ds1-1.1 (source amd64 all) into unstable (Tobias Frost)
  • [2016-01-23] freeimage 3.17.0+ds1-1 MIGRATED to testing (Debian testing watch)
  • [2016-01-18] Accepted freeimage 3.17.0+ds1-1 (source) into unstable (Anton Gladky)
  • 1
  • 2
bugs [bug history graph]
  • all: 4
  • RC: 0
  • I&N: 4
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 3.18.0+ds2-6ubuntu2
  • 3 bugs (2 patches)
  • patches for 3.18.0+ds2-6ubuntu2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing