Back to graphicsmagick PTS page

Accepted graphicsmagick 1.3.26-1 (source amd64 all) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 05 Jul 2017 16:14:40 +0000
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.26-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick-q16-3 - format-independent image processing - C shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
Closes: 867060 867077 867085
Changes:
 graphicsmagick (1.3.26-1) unstable; urgency=high
 .
   * New upstream release, fixing the following security issues among others:
     - META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
     - WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash
       (CVE-2016-7997).
     - PNG: Enforce spec requirement that the dimensions of the JPEG embedded
       in a JDAT chunk must match the JHDR dimensions (CVE-2016-9830).
     - TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to
       have only 2 samples per pixel (CVE-2017-6335).
     - JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
     - TIFF: Fix out of bounds read when reading RGB TIFF which claims to have
       only 1 sample per pixel (CVE-2017-10794) (closes: #867085).
     - DPX: Fix excessive use of memory (DOS issue) due to file header claiming
       large image dimensions but insufficient backing data. (CVE-2017-10799)
       (closes: #867077).
     - MAT: Fix excessive use of memory (DOS issue) due to continuing
       processing with insufficient data and claimed large image size. Verify
       each file extent to make sure that it is within range of file size.
       (CVE-2017-10800) (closes: #867060).
   * Remove previously backported security patches.
   * Self-tests build hack no longer needed.
   * Update library symbols for this release.
   * Update Standards-Version to 4.0.0 and debhelper level to 10 .
Checksums-Sha1:
 4129d5473cc8f801b0115dc8657d14d48c461d4a 2804 graphicsmagick_1.3.26-1.dsc
 2cc885d1b157996aa14c98e34f7aa17815d00c41 5400564 graphicsmagick_1.3.26.orig.tar.xz
 24c93cf23a5e5453189340ea40ccc1d205eff684 138488 graphicsmagick_1.3.26-1.debian.tar.xz
 9f7944055dea117b307727ef90f49b6997a75a86 3171326 graphicsmagick-dbg_1.3.26-1_amd64.deb
 750b75f94874d2aee96972a95e1d30267e834004 22042 graphicsmagick-imagemagick-compat_1.3.26-1_all.deb
 716f37a83df7c50530b9de3d9268b953dc898825 25468 graphicsmagick-libmagick-dev-compat_1.3.26-1_all.deb
 e25842e2dd97064c1d4c64b2b42ca4c9ef5ab85c 11529 graphicsmagick_1.3.26-1_amd64.buildinfo
 820e8963d2a56edba06942f5551ab44c517abfff 862990 graphicsmagick_1.3.26-1_amd64.deb
 c1226b02b4a2d7bb362d8218dc04663de9dc691d 69340 libgraphics-magick-perl_1.3.26-1_amd64.deb
 bcc6234553deaa7cbd33a04791362a08a4a8a496 115576 libgraphicsmagick++-q16-12_1.3.26-1_amd64.deb
 9dcbb55119a9a1c39bfa1c2d3fd2dd55ca3c7f14 301664 libgraphicsmagick++1-dev_1.3.26-1_amd64.deb
 594b57d5e55aa7daba32aedae153661e0b12a69f 1110570 libgraphicsmagick-q16-3_1.3.26-1_amd64.deb
 653cfe2b23899b664017ef9b9f0ff1bd0bb60c05 1333398 libgraphicsmagick1-dev_1.3.26-1_amd64.deb
Checksums-Sha256:
 9b64964c43fc2b8b531fa301123bc0641938ea40e1f6e70433b548e8f71ad49f 2804 graphicsmagick_1.3.26-1.dsc
 fba015f3d5e5d5f17e57db663f1aa9d338e7b62f1d415b85d13ee366927e5f88 5400564 graphicsmagick_1.3.26.orig.tar.xz
 f5406b60636193a6304597c75a89300c2a87a260bb954d1765c57dae42cd696c 138488 graphicsmagick_1.3.26-1.debian.tar.xz
 dda8e6c27bcec112a95bcb2cd56d797f6885d1a08240298dd4d19171aa9a817b 3171326 graphicsmagick-dbg_1.3.26-1_amd64.deb
 fc9696bc3864196b15e846f01b3c463104d6aa2f4dfb712d0696f74e3d320272 22042 graphicsmagick-imagemagick-compat_1.3.26-1_all.deb
 11aecd5de1a70dc5b51176deeae7962a4de5e8607df5eaf5fb48f85b3b7e965f 25468 graphicsmagick-libmagick-dev-compat_1.3.26-1_all.deb
 9b60b399d7ee505c97a62800f9eb38f3d486fffd7ac1127721b64de2bffc4ad2 11529 graphicsmagick_1.3.26-1_amd64.buildinfo
 bfd8c8b06523906d2be8a995fe82de472ff9f6e2cb413f6ba5e38c6518ddc2b2 862990 graphicsmagick_1.3.26-1_amd64.deb
 d1553acc7f90391788a60287a0af6b54e19a568c7f0c9ecb42a55218c7ae9677 69340 libgraphics-magick-perl_1.3.26-1_amd64.deb
 04e7e11ed3664bbbcbebf53c06d2844f5e1dcb069e2e970a600e66366f8a8f51 115576 libgraphicsmagick++-q16-12_1.3.26-1_amd64.deb
 97f7bff30f6a7a0b42d38d7f94009e9ffc620fdd91a260278abcc2e64cd56e8c 301664 libgraphicsmagick++1-dev_1.3.26-1_amd64.deb
 66485f40602f7b30f45f3930031fc543a963ac162f30843639aff9535550617a 1110570 libgraphicsmagick-q16-3_1.3.26-1_amd64.deb
 0b8cfaba64a136ded1b2cae4e1c11ceb46b627d8d33d35b16c586d1a4b2b5fe0 1333398 libgraphicsmagick1-dev_1.3.26-1_amd64.deb
Files:
 e93fbc3783c92498dd7b625b9a769ef5 2804 graphics optional graphicsmagick_1.3.26-1.dsc
 bf6bd27b6d440ec3b2f6db63fe61845c 5400564 graphics optional graphicsmagick_1.3.26.orig.tar.xz
 7f1acc3d38ed339d49d29b41b9f86e57 138488 graphics optional graphicsmagick_1.3.26-1.debian.tar.xz
 aaac8eec606a82a2c3cbed4a2f74887c 3171326 debug extra graphicsmagick-dbg_1.3.26-1_amd64.deb
 aef87ba579b67c309b3818e4c44c0679 22042 graphics extra graphicsmagick-imagemagick-compat_1.3.26-1_all.deb
 43a1c009e8fd93b40d404e32a533fe91 25468 graphics extra graphicsmagick-libmagick-dev-compat_1.3.26-1_all.deb
 49172bc839412468b5884f3687528b9c 11529 graphics optional graphicsmagick_1.3.26-1_amd64.buildinfo
 9f796567506e366dfd5e11b6a5695b0c 862990 graphics optional graphicsmagick_1.3.26-1_amd64.deb
 a6da6edec70f3336458cb9b9fbed399a 69340 perl optional libgraphics-magick-perl_1.3.26-1_amd64.deb
 4dc996ac8ecc19e6577fd789065cd1fe 115576 libs optional libgraphicsmagick++-q16-12_1.3.26-1_amd64.deb
 2279ef04c0d168a579ff9a4cf20ec9b0 301664 libdevel optional libgraphicsmagick++1-dev_1.3.26-1_amd64.deb
 5e53201581474dc4d0a20609fd2c1eee 1110570 libs optional libgraphicsmagick-q16-3_1.3.26-1_amd64.deb
 1bacb3904a93e61c82406ff950adcb7c 1333398 libdevel optional libgraphicsmagick1-dev_1.3.26-1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlldyxgACgkQ3OMQ54ZM
yL/d/A//WNl9gLi6iYrEsgN6Of4+Iktv1/5Ch6bm7GKh1735LhDb1R8u1ee2/fEv
aFKhFFqQ6Gs2vtLL2zHWy2oYlxJKhC/fq90Jcg9FRVYA+bHTP6gRlw/s036u0lwp
8t4rnkEcNAS9msEe1mpVULOh4ct/hdmOxcNhroney2CCBSTSDDraTsH7uoXviC4I
mvuwYjz2Ig6Uxzm6w6yM1m769eOIULCj6AW7DuavRAcnDZ8Agh2l3jULtmzAqMHF
gCySkdNzwh1qbuJ2oV+nEwDMhvBRGzARzPdS0Vj0pG8vbvGQ70B0T4wX86aezW/d
xSDZdivNiNi3V0T8NV/WXKN0ORYYVHbjcnD1xMEN8/5yI/PbLi4+tkpBQuu3W/xY
/ltRwWkvF9GUkAfyrtQf97isauDH1VSo3pVzc+M997BATSPSZj5exEmrjh4errkd
dLMC9z2ZCCt969cEwwjTRtDUYhBdLoO47hW9LYsHRuVjhFiBFy3rtmEdKnH+7lYa
Exy6fXlnUdPl3MBBeXZ0JNBCHZH68rSYv+Qs2EBSZ3aSyEDpkgclT274CoVlU87a
a81ztJPs9AMNTetfy4xA9h3uty6aaOpf5XCLo+CSdb0u0O7NauyzbNiEZydRldLb
BkjwOn8qYlY3VeEoq78W8sBi4F6sCZFpE/99OFmARwbV7gS/HG4=
=pyWs
-----END PGP SIGNATURE-----