Accepted graphicsmagick 1.3.16-1.1+deb7u9 (source amd64 all) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 31 Aug 2017 18:06:45 +0200
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.16-1.1+deb7u9
Distribution: wheezy-security
Urgency: high
Maintainer: Daniel Kobras <kobras@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
graphicsmagick - collection of image processing tools
graphicsmagick-dbg - format-independent image processing - debugging symbols
graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
libgraphics-magick-perl - format-independent image processing - perl interface
libgraphicsmagick++1-dev - format-independent image processing - C++ development files
libgraphicsmagick++3 - format-independent image processing - C++ shared library
libgraphicsmagick1-dev - format-independent image processing - C development files
libgraphicsmagick3 - format-independent image processing - C shared library
Changes:
graphicsmagick (1.3.16-1.1+deb7u9) wheezy-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* CVE-2017-13776 and CVE-2017-13777
denial of service issue in ReadXBMImage()
* CVE-2017-12935
The ReadMNGImage function in coders/png.c mishandles large MNG
images, leading to an invalid memory read in the
SetImageColorCallBack function in magick/image.c.
* CVE-2017-12936
The ReadWMFImage function in coders/wmf.c has a use-after-free
issue for data associated with exception reporting.
* CVE-2017-12937
The ReadSUNImage function in coders/sun.c has a colormap
heap-based buffer over-read.
* CVE-2017-13063 and CVE-2017-13064
heap-based buffer overflow vulnerability in the function
GetStyleTokens in coders/svg.c
* CVE-2017-13065
NULL pointer dereference vulnerability in the function
SVGStartElement in coders/svg.c
Checksums-Sha1:
0bf6386bae67469e3ae836729ecebc26ef0f6c0e 2841 graphicsmagick_1.3.16-1.1+deb7u9.dsc
f2ec0392d7a7d5cbe0d5bdff2931edbacedd73e9 8736761 graphicsmagick_1.3.16.orig.tar.gz
65bfd476315a9bf3ce4c855d427857872c012bed 196019 graphicsmagick_1.3.16-1.1+deb7u9.debian.tar.gz
ce1956762674bef1aae496c3744a793e242fcaf3 1034266 graphicsmagick_1.3.16-1.1+deb7u9_amd64.deb
bcc71e2cf11c94346c6bff8f7b5868782510dc1d 1325954 libgraphicsmagick3_1.3.16-1.1+deb7u9_amd64.deb
d02bc7f8637ed904644447bbb0cd4b4747eda814 1821852 libgraphicsmagick1-dev_1.3.16-1.1+deb7u9_amd64.deb
dff8100c5c79a1212bd8164542e87778837ac165 154932 libgraphicsmagick++3_1.3.16-1.1+deb7u9_amd64.deb
d26d48344ef352a68dba354b82a61cbaea812333 406448 libgraphicsmagick++1-dev_1.3.16-1.1+deb7u9_amd64.deb
a9239d343e99f6818a6712141e9f3db53a2027e1 83774 libgraphics-magick-perl_1.3.16-1.1+deb7u9_amd64.deb
659e485932b2a46b3cfa66b7c982fef806af8d8e 3268912 graphicsmagick-dbg_1.3.16-1.1+deb7u9_amd64.deb
743277539bd3ff42e1a5ce0e8c34045353c9a5c1 18414 graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u9_all.deb
cdc5e024f17184178b9caaaeb80a30c25f937d1b 21922 graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u9_all.deb
Checksums-Sha256:
22f0740bdba984695d7bc3633934cb078a1f6624f00e67ab9c1c3aa62f3a82e8 2841 graphicsmagick_1.3.16-1.1+deb7u9.dsc
ae2229370926dea6c2423cc1adaf551d33f38102677332294439365aaac1514b 8736761 graphicsmagick_1.3.16.orig.tar.gz
25fa73c7e59eef78d9ce5eb8d877e6a48fbf56514c97ffb32b651e986db9b07b 196019 graphicsmagick_1.3.16-1.1+deb7u9.debian.tar.gz
ec1c2d2b11cfdae1e956dc09199289bc5bd3c0704e9b2f7c5986279664a099e4 1034266 graphicsmagick_1.3.16-1.1+deb7u9_amd64.deb
28efc8dcb97fe26f81439d9aabe3ca8493bec5ac858b2a156319b136537868a5 1325954 libgraphicsmagick3_1.3.16-1.1+deb7u9_amd64.deb
a23101e414f358e33ce8a56de4aa853ab1e068df8ae34859c06da5446df83287 1821852 libgraphicsmagick1-dev_1.3.16-1.1+deb7u9_amd64.deb
32fd3bed94bb8a96c493df29f8a61d52162ae18a3ffd8930ee01a3a7cbd41a42 154932 libgraphicsmagick++3_1.3.16-1.1+deb7u9_amd64.deb
ece3b5b5081fdfae0d94bcfc9df0fb9aa49ac6681a5ef1b3fba8e58ea77cd78f 406448 libgraphicsmagick++1-dev_1.3.16-1.1+deb7u9_amd64.deb
b29305e6edc53c3ebccf3a296be228ad4dc8cdf1e29b6af99471e72a7fb279bc 83774 libgraphics-magick-perl_1.3.16-1.1+deb7u9_amd64.deb
211c775699dd571150002cb0ce0d8588328c6aced12bc38cb8ffe6460ea8fc5d 3268912 graphicsmagick-dbg_1.3.16-1.1+deb7u9_amd64.deb
d8e1a6b00997631727f0266289fde935bbc8f835bdd73c5352e1daf2942c7ff2 18414 graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u9_all.deb
70c3a70dc2090c5607e8c179327054b113d1afdb82d49cc74c1b37f87e139b7f 21922 graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u9_all.deb
Files:
75cd4a2f24736a394a14c7232d29f998 2841 graphics optional graphicsmagick_1.3.16-1.1+deb7u9.dsc
66a4b9c7af6165b5d293fed6ebe04e36 8736761 graphics optional graphicsmagick_1.3.16.orig.tar.gz
7c9f0c7577d055c7a8c9a0ec43cbb44c 196019 graphics optional graphicsmagick_1.3.16-1.1+deb7u9.debian.tar.gz
4809ea6ec48879f90209b33587f21fee 1034266 graphics optional graphicsmagick_1.3.16-1.1+deb7u9_amd64.deb
85d101c27e00858c721a5af26cd0eed4 1325954 libs optional libgraphicsmagick3_1.3.16-1.1+deb7u9_amd64.deb
f073c30fdce50d67787094d1a4c462cd 1821852 libdevel optional libgraphicsmagick1-dev_1.3.16-1.1+deb7u9_amd64.deb
b5b5199c825b03c7733707418887df80 154932 libs optional libgraphicsmagick++3_1.3.16-1.1+deb7u9_amd64.deb
2f0cd27cad79738d1cbd7b439b6f8589 406448 libdevel optional libgraphicsmagick++1-dev_1.3.16-1.1+deb7u9_amd64.deb
e4dafcc47efacf033b5351898d827c6f 83774 perl optional libgraphics-magick-perl_1.3.16-1.1+deb7u9_amd64.deb
67a8811de5f06d019e3818bdf531ce03 3268912 debug extra graphicsmagick-dbg_1.3.16-1.1+deb7u9_amd64.deb
94bac1033c20720f0a55f118daaa3a51 18414 graphics extra graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u9_all.deb
eed1e644b5aa11ac40b8da86f05b2c09 21922 graphics extra graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u9_all.deb
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlmoUdhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR3MfD/0eMBZ5XhDlZzH1BYpKBDTiT6jLc+na
xqsds0AkpctJAcmuLI8waROIe2oyHltiE4LN3/aYH3DyDxOrGRdtZeiDzOaA1ZtD
6Qfi25RCNNsJD7KMNO09Rq09LZXQBkEclCr83kL+jPm16cqcic6ldeWWHlupPhYu
nRxqzB5LyGXppSeClXE1CH8T+Ps+G07czsubYvDreUHk3QjPLjJOUPSgPCxEYPCy
E+wTNIPu8LDakS5MxwpdayKaxGE2NIrvVDq+G0eYNwkIF7er9gvODKC95UyDwmND
mgy6hdDpHuo5bk95VYOyY2yay1EqHUy8eSDje3sIsuJ/YVFtcH1SrKntoww2NRj4
HfNXgp/f1JvHNZghSUU9uotbVTLhQAIOxwIn5cGAKF7dk2ZJbNSxLs8P9Gd7Ew1M
bTT/3ek6Oq6xRWt8izZVlhgVtnCNJxkv/+L8Sxd0c/Oxe6APkFz/NMfE9ZSnPa24
/m3dNjCp2ZaJYOZB6OfyyIBFYZpChDVyVOznH8nL9Ckcgsf1PD7VFqkiOxr6v7s+
ELOM9dM4iCKs+ztim/mhSeTw9ywi5DQ7P40Jo3NtVbbZ5TEL6CPsbijc+ph+8XKQ
P8ImGPC19a/jd0iLGXaP/q5zpTENcMuwoRX2M4ZXn9O8nCI28nlzAZWUU2/kgU3p
YV4RIlnHGv6u+A==
=1hMG
-----END PGP SIGNATURE-----