Accepted graphicsmagick 1.3.16-1.1+deb7u19 (source amd64 all) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 25 Mar 2018 22:41:15 +0200
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.16-1.1+deb7u19
Distribution: wheezy-security
Urgency: high
Maintainer: Daniel Kobras <kobras@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
graphicsmagick - collection of image processing tools
graphicsmagick-dbg - format-independent image processing - debugging symbols
graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
libgraphics-magick-perl - format-independent image processing - perl interface
libgraphicsmagick++1-dev - format-independent image processing - C++ development files
libgraphicsmagick++3 - format-independent image processing - C++ shared library
libgraphicsmagick1-dev - format-independent image processing - C development files
libgraphicsmagick3 - format-independent image processing - C shared library
Changes:
graphicsmagick (1.3.16-1.1+deb7u19) wheezy-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2017-18219: An allocation failure vulnerability was found in the
function ReadOnePNGImage in coders/png.c, which allows attackers to cause a
denial of service via a crafted file that triggers an attempt at a large
png_pixels array allocation.
* Fix CVE-2017-18220: The ReadOneJNGImage and ReadJNGImage functions in
coders/png.c allow remote attackers to cause a denial of service or
possibly have unspecified other impact via a crafted file, a related issue
to CVE-2017-11403
* Fix CVE-2017-18229: An allocation failure vulnerability was found in the
function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a
denial of service via a crafted file, because file size is not properly
used to restrict scanline, strip, and tile allocations.
* Fix CVE-2017-18230: A NULL pointer dereference vulnerability was found in
the function ReadCINEONImage in coders/cineon.c, which allows attackers to
cause a denial of service via a crafted file.
* Fix CVE-2017-18231: A NULL pointer dereference vulnerability was found in
the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause
a denial of service via a crafted file.
* Fix CVE-2018-9018: There is a divide-by-zero in the ReadMNGImage function
of coders/png.c. Remote attackers could leverage this vulnerability to cause
a crash and denial of service via a crafted mng file.
Checksums-Sha1:
1485cbff3ce055a2765d766b4b577a5877f131f9 2914 graphicsmagick_1.3.16-1.1+deb7u19.dsc
1c51dd1d469f9c17f37ad1bfc7dd63c52fb40b50 181468 graphicsmagick_1.3.16-1.1+deb7u19.debian.tar.xz
a8c612b278ad63d9285ca2f13e2127209bfecd65 1037384 graphicsmagick_1.3.16-1.1+deb7u19_amd64.deb
a0d7c611ec79913476c40d1a922268ddc005dbcb 1328446 libgraphicsmagick3_1.3.16-1.1+deb7u19_amd64.deb
8ffde2c4101f02b4f626a4c3c23fd8999fccf421 1825788 libgraphicsmagick1-dev_1.3.16-1.1+deb7u19_amd64.deb
56d72a049bf2ac8af4401ad411b329825f2dfa02 156028 libgraphicsmagick++3_1.3.16-1.1+deb7u19_amd64.deb
166f1f65d286255b23ece9624a326247a2f531a6 410382 libgraphicsmagick++1-dev_1.3.16-1.1+deb7u19_amd64.deb
320dda50982e7b81ebbcacab426844342c84f0e8 85214 libgraphics-magick-perl_1.3.16-1.1+deb7u19_amd64.deb
6800b17636f02ac3477ba709f2d4e827969ab7ef 3272714 graphicsmagick-dbg_1.3.16-1.1+deb7u19_amd64.deb
d34b7715082b7aa784e6a10f86d53b0bda663205 19940 graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u19_all.deb
4d74d51065d1aedf42c0c6317adae32832bd9626 22878 graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u19_all.deb
Checksums-Sha256:
957961a90ea9ddc652a5dcf2b0c3514b72bf09d1a3bf839d4ca81f61306dc81b 2914 graphicsmagick_1.3.16-1.1+deb7u19.dsc
df51655f60bcae71ffaa252f1d2c1a20219441079abf8d5f28d281ae2ad9a200 181468 graphicsmagick_1.3.16-1.1+deb7u19.debian.tar.xz
cd1e3e53605586bc638eb6a702605018620a6ee08167f283fe361dfca9fa6bc3 1037384 graphicsmagick_1.3.16-1.1+deb7u19_amd64.deb
95fc053127e57ae7cd53ed169f62fd74b8173a6fc4a5c66177b4c1a36f264987 1328446 libgraphicsmagick3_1.3.16-1.1+deb7u19_amd64.deb
862244c2e137217ab5df9acbde5370baea18287b0d291f845bee7388790dbd4f 1825788 libgraphicsmagick1-dev_1.3.16-1.1+deb7u19_amd64.deb
df7612f8e2f14846de50e231ca9ecbed071d58c4ad6d4d1ce99f2935c894743e 156028 libgraphicsmagick++3_1.3.16-1.1+deb7u19_amd64.deb
c3f3b7d9199059632d88d904df77d9a719399246930d95ec2c9ee61b6cd97f6a 410382 libgraphicsmagick++1-dev_1.3.16-1.1+deb7u19_amd64.deb
b57c56c742a4aac63751eeb57c7e0d9391e825e1f94178fd9c92fcb535be48c6 85214 libgraphics-magick-perl_1.3.16-1.1+deb7u19_amd64.deb
cd2bce2498e11982ef8d70b8b55fe72dc8db6f60bdba87af5f4998fd31fd0baa 3272714 graphicsmagick-dbg_1.3.16-1.1+deb7u19_amd64.deb
104b80ddac53a7a0bd4ef1b44fe362db823a139b75a927f84305e77a831c1be3 19940 graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u19_all.deb
50bbdbe2a9a500cc3bf02efacbb46b555fab8402f4554ca3eceeab04c0806f43 22878 graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u19_all.deb
Files:
df5ef202c676e4ed1b26e4ed74b07e3f 2914 graphics optional graphicsmagick_1.3.16-1.1+deb7u19.dsc
6af61075430df2efd426f601db638734 181468 graphics optional graphicsmagick_1.3.16-1.1+deb7u19.debian.tar.xz
6dba5160676ecca7eb70a099916b376c 1037384 graphics optional graphicsmagick_1.3.16-1.1+deb7u19_amd64.deb
911391fedd69d842b798c1b81c75ee5b 1328446 libs optional libgraphicsmagick3_1.3.16-1.1+deb7u19_amd64.deb
e95989091fece658ffb5edc33f50155c 1825788 libdevel optional libgraphicsmagick1-dev_1.3.16-1.1+deb7u19_amd64.deb
9b2621a267f86ba7e38d115ea1f0d64e 156028 libs optional libgraphicsmagick++3_1.3.16-1.1+deb7u19_amd64.deb
1d5dd38e127fff18d71333378e3ca5f6 410382 libdevel optional libgraphicsmagick++1-dev_1.3.16-1.1+deb7u19_amd64.deb
580dc181ee9c950ca6f434416b2becde 85214 perl optional libgraphics-magick-perl_1.3.16-1.1+deb7u19_amd64.deb
129e2ebf9f973e5863b9035f125da8d2 3272714 debug extra graphicsmagick-dbg_1.3.16-1.1+deb7u19_amd64.deb
88c32ab19f0506d3caaa8466bf835ef1 19940 graphics extra graphicsmagick-imagemagick-compat_1.3.16-1.1+deb7u19_all.deb
ec987a19a2c58fe41914fd602cb4f31b 22878 graphics extra graphicsmagick-libmagick-dev-compat_1.3.16-1.1+deb7u19_all.deb
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq7pUpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk1iUQAMHEymDpz+QdUP94alN8S1PbrnYw7pyTuZx1
BpWm2M183e5GR2WPyI6QBEksYq+TcdVjmmpHeiSpRw20h/CUuG/KZxAIvg+nBriQ
w3qFml5josNMWOKcgfZsiIjZ7L0p3B1lgv4+If5dBlOAeuue/wpjqnZqirqWzk6i
Xxsv8rILq4QX3RnV7fjtPABE2faHo709WRD0XwreBcavsIEnsm+Hhb+AYT7E8+7U
zu3CnxbmG5EfDfMA8TNj1LD9KuCQRO+MTLBwQI2SfdvcQHwRmtyCInMb1sopDM+N
4dd35DoWW2TjALHttuAmI/BraDYW/mXl9YywJBm2+oaD9HirW/6R4hKgsJtKakdR
ENCUjKXlPuHEh9rtB00z72p7lku2YsdOAE2O+VC2r9QnkhXAZtq3Aj/DeX0h7SPo
MFl+cSv7KsQn6RHSE29D03z3ld9VBJniQovYxr6f/B00Y5JR03a/d7yvjAOkijcU
2P0O1YGe2hOqb9YQHUSGXort/KGngYC1cJ0tiAtJBKqJvpOb2Y+unDxCKx/jZg+A
TPNNLeFt/7BfBbcgYbW92R0JBq/U3huvbemXhglMxjPmW8YQQvVFUEsqIjOMdwyk
FW1q4lk9DpjEjFupBjvzRWNENssMDggcU5c7dIXop6cTehxqf/92nZ7lgYUe07aX
XymCjgMP
=HgeV
-----END PGP SIGNATURE-----